HackDig : Dig high-quality web security articles for hackers

Redirect auction

We’ve already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated. Recently, while examining the behavior of one n
Publish At:2020-07-08 08:11 | Read:61 | Comments:0 | Tags:Featured Research Phishing Website Hacks

Pig in a poke: smartphone adware

Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. In some cases, the solution is quite simple. In others, the task is far harder: the adware plants itself in the system partition, and trying to get rid of it can lead to device failure. In addition, ads can be emb
Publish At:2020-07-06 08:25 | Read:184 | Comments:0 | Tags:Featured Research advertising networks Adware Mobile Malware

Magnitude exploit kit – evolution

Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Flash because it’s just a plugin for a web browser, meaning
Publish At:2020-06-24 07:10 | Read:177 | Comments:0 | Tags:Featured Malware descriptions Browser Exploit Kits Malware D

Oh, what a boot-iful mornin’

In mid-April, our threat monitoring systems detected malicious files being distributed under the name “on the new initiative of the World Bank in connection with the coronavirus pandemic” (in Russian) with the extension EXE or RAR. Inside the files was the well-known Rovnix bootkit. There is nothing new about cybercriminals exploiting the coronav
Publish At:2020-06-23 08:00 | Read:123 | Comments:0 | Tags:Featured Malware descriptions Bootkit DLL hijacking Malware

Web skimming with Google Analytics

Web skimming is a common class of attacks generally aimed at online shoppers. The principle is quite simple: malicious code is injected into the compromised site, which collects and sends user-entered data to a cybercriminal resource. If the attack is successful, the cybercriminals gain access to shoppers’ payment information. To make the data flow to
Publish At:2020-06-22 06:07 | Read:111 | Comments:0 | Tags:Featured Publications Security Websites Website Hacks

Microcin is here

In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a diplomatic entity. What initially attracted our attention was the enterprise-grade API-like (application programming interface) programming style. Such an approach is not that common in the malware world and is mostly used by top
Publish At:2020-06-19 07:29 | Read:159 | Comments:0 | Tags:APT reports Featured Malware Descriptions Malware Technologi

Do cybercriminals play cyber games during quarantine?

Thanks to the coronavirus pandemic, the role of the Internet in our lives has undergone changes, including irreversible ones. Some of these changes are definitely for the better, some are not very good, but almost all of them in some way affect digital security issues. We decided to take a closer look at the changes around us through the prism of information
Publish At:2020-06-17 06:26 | Read:131 | Comments:0 | Tags:Featured Publications Gaming malware Malware Statistics Onli

Explicit content and cyberthreats: 2019 report

‘Stay at home’ is the new motto for 2020 and it has entailed many changes to our daily lives, most importantly, in terms of our digital content consumption. With users opting to entertain themselves online, malicious activity has grown. Over the past two years we have reviewed how adult content has been used to spread malware and abuse users̵
Publish At:2020-06-15 06:58 | Read:154 | Comments:0 | Tags:Featured Publications Adware Malware Malware Statistics Mobi

Looking at Big Threats Using Code Similarity. Part 1

Today, we are announcing the release of KTAE, the Kaspersky Threat Attribution Engine. This code attribution technology, developed initially for internal use by the Kaspersky Global Research and Analysis Team, is now being made available to a wider audience. You can read more about KTAE in our official press release, or go directly to its info page on the Ka
Publish At:2020-06-09 08:07 | Read:196 | Comments:0 | Tags:Featured Security technologies APT Lazarus Malware Technolog

Kids on the Web in 2020

Technology is what is saving us from a complete change in the way of life in a world of a raging pandemic. It keeps the educational process going, relieves the shortage of human communication and helps us to live life as fully as possible given the isolation and social distancing. Many adults, and children too, have come to realize that the computer is not j
Publish At:2020-06-03 06:33 | Read:195 | Comments:0 | Tags:Featured Publications Parental control Security technology

Cycldek: Bridging the (air) gap

Key findings While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far. In this blog post we aim to bridge the knowledge gap on this group and provide a more thorough insight into its latest activities and modus operandi. Here are some key insig
Publish At:2020-06-03 06:33 | Read:186 | Comments:0 | Tags:APT reports Featured APT Malware

Spam and phishing in Q1 2020

Quarterly highlights Don’t get burned Burning Man is one of the most eagerly awaited events among fans of spectacular performance and installation art. The main obstacle to attending is the price of admission: a standard ticket will set you back $475, the number is limited, and the buying process is a challenge all by itself (there are several stages,
Publish At:2020-05-26 08:14 | Read:208 | Comments:0 | Tags:Featured Spam and phishing reports Malicious spam Malware De

Aggressive in-app advertising in Android

Recently, we’ve been noticing ever more dubious advertising libraries in popular apps on Google Play. The monetization methods used in such SDKs can pose a threat to users, yet they pull in more revenue for developers than whitelisted ad modules due to the greater number of views. In this post we will look into a few examples of suspicious-looking ad m
Publish At:2020-05-25 06:21 | Read:243 | Comments:0 | Tags:Featured Research Adware Google Android

IT threat evolution Q1 2020

Targeted attacks and malware campaigns Operation AppleJeus: the sequel In 2018, we published a report on Operation AppleJeus, one of the more notable campaigns of the threat actor Lazarus, currently one of the most active and prolific APT groups. One notable feature of this campaign was that it marked the first time Lazarus had targeted macOS targets, with t
Publish At:2020-05-24 07:11 | Read:164 | Comments:0 | Tags:Featured Malware reports Apple iOS Apple MacOS APT Data leak

IT threat evolution Q1 2020. Statistics

These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, Kaspersky solutions blocked 726,536,269 attacks launched from online resources in 203 countries across the globe. A total of 442,039,230 unique URLs were recognize
Publish At:2020-05-24 07:11 | Read:135 | Comments:0 | Tags:Featured Malware reports Apple MacOS Financial malware Googl

Announce

Share high-quality web security related articles with you:)

Tools