HackDig : Dig high-quality web security articles for hacker

The cake is a lie! Uncovering the secret world of malware-like cheats in video games

In 2018, the video game industry became one of the most lucrative in the world, generating $43.4 billion in revenue within the United States alone. When we consider that video game licenses are only a fraction of the total market, it becomes clear just how important the industry is compared to the movie and music industries, for example. Moreover, conservati
Publish At:2019-11-12 01:05 | Read:86 | Comments:0 | Tags:Featured Publications Electronic Payments Fraud Online Games

Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium

Executive summary Kaspersky Exploit Prevention is a component part of Kaspersky products that has successfully detected a number of zero-day attacks in the past. Recently, it caught a new unknown exploit for Google’s Chrome browser. We promptly reported this to the Google Chrome security team. After reviewing of the PoC we provided, Google confirmed th
Publish At:2019-11-12 01:05 | Read:49 | Comments:0 | Tags:Featured Incidents Google Chrome JavaScript Proof-of-Concept

DarkUniverse – the mysterious APT framework #27

In April 2017, ShadowBrokers published their well-known ‘Lost in Translation’ leak, which, among other things, contained an interesting script that checked for traces of other APTs in the compromised system. In 2018, we found an APT described as the 27th function of this script, which we call ‘DarkUniverse’. This APT was active for a
Publish At:2019-11-12 01:05 | Read:72 | Comments:0 | Tags:APT reports Featured Cyber espionage Microsoft Office Shadow

Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of a sequence of dropping, downloading and installing stages. The ma
Publish At:2019-11-12 01:05 | Read:91 | Comments:0 | Tags:APT reports Featured Backdoor fileless malware Malware Descr

DDoS attacks in Q3 2019

News overview This past quarter we observed a new DDoS attack that confirmed our earlier hypothesis regarding attacks through the Memcached protocol. As we surmised, the attackers attempted to use another, rather exotic protocol to amplify DDoS attacks. Experts at Akamai Technologies recently registered an attack on one of their clients that was carried out
Publish At:2019-11-12 01:05 | Read:80 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks DNS Amplification

Steam-powered scammers

Digital game distribution services have not only simplified the sale of games themselves, but provided developers with additional monetization levers. For example, in-game items, such as skins, equipment, and other character-enhancing elements as well as those that help one show up, can be sold for real money. Users themselves can also sell items to each oth
Publish At:2019-10-28 06:05 | Read:161 | Comments:0 | Tags:Featured Research Fraud gam Phishing websites Social Enginee

Data collectors

Who owns data owns the world. And with the Internet taking over much of our daily lives, it has become far easier and faster to receive, collect, and analyze data. The average user cannot even imagine how much data gets collected on them. Besides technical information (for example, about a smartphone) harvested by a manufacturer to patch vulnerabilities, com
Publish At:2019-10-23 06:05 | Read:275 | Comments:0 | Tags:Featured Publications advertising networks Data Protection F

APT trends report Q3 2019

For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They a
Publish At:2019-10-16 06:25 | Read:211 | Comments:0 | Tags:APT reports Featured Apple iOS APT Browser Chinese-speaking

IoT: a malware story

Since 2008, cyber-criminals have been creating malware to attack IoT-devices, such as routers and other types of network equipment. You will find a lot of statistics on this on Securelist, most notably, here and here. The main problem with these IoT/embedded devices is that one simply cannot install any kind of security software. How do we deal with that? Th
Publish At:2019-10-15 06:20 | Read:198 | Comments:0 | Tags:Featured Malware reports Backdoor Botnets honeypot Internet

A glimpse into the present state of security in robotics

 Download full report (PDF) The world of today continues its progress toward higher digitalization and mobility. From developments in the Internet of Things (IoT) through augmented reality to Industry 4.0, whichrely on stronger automation and use of robots, all of these bring more efficiency to production processes and improves user experience across th
Publish At:2019-10-14 06:20 | Read:295 | Comments:0 | Tags:Featured Publications Internet of Things Security technology

Managed Detection and Response analytics report, H1 2019

 Download full report (PDF) Introduction This report contains the results of the Managed Detection and Response (MDR) service (brand name – Kaspersky Managed Protection). The MDR service provides managed threat hunting and initial incident response. Threat hunting is the practice of iteratively searching through data collected from sensors (refere
Publish At:2019-10-08 06:20 | Read:426 | Comments:0 | Tags:Featured Publications Antivirus Technologies Industrial thre

COMpfun successor Reductor infects files on the fly to compromise TLS traffic

In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly. That places the actor in a very exclusive club, with capa
Publish At:2019-10-03 07:00 | Read:336 | Comments:0 | Tags:APT reports Featured Browser Digital Certificates Encryption

The State of Stalkerware in 2019

Introduction and methodology Six months ago, we created a special alert that notifies users about commercial spyware (stalkerware) products installed on their phones. This report examines the use of stalkerware and the number of users affected by this software in the first eight months of 2019. –°onsumer surveillance technology has evolved rapidly in recent y
Publish At:2019-10-02 06:20 | Read:1031 | Comments:0 | Tags:Featured Publications Cyberbullying Cybercrime Malware Stati

Hello! My name is Dtrack

Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards that were inserted into the mach
Publish At:2019-09-23 06:20 | Read:295 | Comments:0 | Tags:Featured Research ATM Dropper Financial malware Lazarus Malw

IT threat evolution Q2 2019

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added a backdoor to the utility and then distributed it to users thr
Publish At:2019-09-19 18:20 | Read:273 | Comments:0 | Tags:Featured Malware reports APT Cyber espionage Data leaks Fina

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud