HackDig : Dig high-quality web security articles for hackers

An overview of targeted attacks and APTs on Linux

Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there’s a widely held opinion that Linux is a secure-by-default operating system that isn’t susceptible to malicious code. It’s certainly tru
Publish At:2020-09-10 06:04 | Read:114 | Comments:0 | Tags:Featured Publications APT Cyber espionage Linux Targeted Att

Digital Education: The cyberrisks of the online classroom

This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools began to transition to emergency remote learning, it became c
Publish At:2020-09-04 08:09 | Read:163 | Comments:0 | Tags:Featured Publications Malicious spam Malware Statistics RDP

IT threat evolution Q2 2020

IT threat evolution Q2 2020. PC statistics IT threat evolution Q2 2020. Mobile statistics Targeted attacks PhantomLance: hiding in plain sight In April, we reported the results of our investigation into a mobile spyware campaign that we call ‘PhantomLance’. The campaign involved a backdoor Trojan that the attackers distributed via dozens of apps
Publish At:2020-09-03 16:30 | Read:254 | Comments:0 | Tags:Featured Malware reports Backdoor Exploit Kits Malware Descr

IT threat evolution Q2 2020. PC statistics

IT threat evolution Q2 2020. Review IT threat evolution Q2 2020. Mobile statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, in Q2: Kaspersky solutions blocked 899,744,810 attacks launched from online resourc
Publish At:2020-09-03 16:30 | Read:119 | Comments:0 | Tags:Featured Malware reports Apple MacOS Financial malware Inter

IT threat evolution Q2 2020. Mobile statistics

IT threat evolution Q2 2020. Review IT threat evolution Q2 2020. PC statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, the second quarter saw: 1,245,894 detected malicious installers, of which 38,951 packa
Publish At:2020-09-03 16:30 | Read:98 | Comments:0 | Tags:Featured Malware reports Adware Malware Statistics Mobile Ma

Operation PowerFall: CVE-2020-0986 and variants

In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privilege exploit targeting the latest builds of Windows 10. While we already described the exploit for Internet Explorer in the original blog post, we also p
Publish At:2020-09-02 06:35 | Read:88 | Comments:0 | Tags:Featured Research Malware Technologies Microsoft Windows Vul

Transparent Tribe: Evolution analysis, part 2

Background + Key findings Transparent Tribe, also known as PROJECTM or MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. In the last four years, this APT group has never taken time off. They continue to hit their targets, which typically are Indian military and government personnel. This is the second of two artic
Publish At:2020-08-26 06:34 | Read:154 | Comments:0 | Tags:APT reports Featured APT Google Android Malware Descriptions

Lifting the veil on DeathStalker, a mercenary triumvirate

State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day exploit chains capture our collective imagination. Yet these groups still aren’t likely to be a part of the risk model at most companies, nor should they be. Businesses today are faced with an arr
Publish At:2020-08-24 07:38 | Read:176 | Comments:0 | Tags:APT reports Featured Cybercrime Malware Descriptions Malware

Transparent Tribe: Evolution analysis, part 1

Background and key findings Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. Proofpoint published a very good article about them in 2016, and since that day, we have kept an eye on the group. We have periodically reported their activities through our APT threat intell
Publish At:2020-08-20 08:00 | Read:255 | Comments:0 | Tags:APT reports Featured APT Keyloggers Malware Descriptions Mal

CactusPete APT group’s updated Bisonal backdoor

CactusPete (also known as Karma Panda or Tonto Team) is an APT group that has been publicly known since at least 2013. Some of the group’s activities have been previously described in public by multiple sources. We have been investigating and privately reporting on this group’s activity for years as well. Historically, their activity has been foc
Publish At:2020-08-13 06:21 | Read:275 | Comments:0 | Tags:APT reports Featured Backdoor Data theft Malware Description

Internet Explorer and Windows zero-day exploits used in Operation PowerFall

Executive summary In May 2020, Kaspersky technologies prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer and an elevation of privilege exploit for
Publish At:2020-08-12 03:19 | Read:328 | Comments:0 | Tags:Featured Research Malware Technologies Microsoft Internet Ex

DDoS attacks in Q2 2020

News overview Not just one but two new DDoS amplification methods were discovered last quarter. In mid-May, Israeli researchers reported a new DNS server vulnerability that lurks in the DNS delegation process. The vulnerability exploitation scheme was dubbed “NXNSAttack”. The hacker sends to a legitimate recursive DNS server a request to several
Publish At:2020-08-10 06:01 | Read:251 | Comments:0 | Tags:DDoS reports Featured Botnets Cybercrime DDoS-attacks Malwar

Spam and phishing in Q2 2020

Quarterly highlights Targeted attacks The second quarter often saw phishers resort to targeted attacks, especially against fairly small companies. To attract attention, scammers imitated email messages and websites of companies whose products or services their potential victims could be using. The scammers did not try to make any of the website elements appe
Publish At:2020-08-07 06:17 | Read:165 | Comments:0 | Tags:Featured Spam and phishing reports Phishing websites Spam Le

Incident Response Analyst Report 2019

As an incident response service provider, Kaspersky delivers a global service that results in global visibility of adversaries’ cyber-incident tactics and techniques used in the wild. In this report, we share our teams’ conclusions and analysis based on incident responses and statistics from 2019. As well as a ran
Publish At:2020-08-06 07:07 | Read:183 | Comments:0 | Tags:Featured Publications Data leaks Industrial threats Maliciou

WastedLocker: technical analysis

The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month, sometimes even more often. On July 23, Garmin, a major manufacturer of navigation equipment and smart devices, including smart watches and bracelets, experienced a massive service outage. As confirmed by an official stateme
Publish At:2020-07-31 07:08 | Read:250 | Comments:0 | Tags:Featured Malware descriptions Malware Descriptions Malware T
