HackDig : Dig high-quality web security articles for hacker

AZORult spreads as a fake ProtonVPN installer

AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. The campaign started at the end of November 2019 when the threat actor behind it registered a new domain und
Publish At:2020-02-18 06:35 | Read:153 | Comments:0 | Tags:Featured Incidents Botnets Cryptocurrencies Data theft Malve

DDoS attacks in Q4 2019

News overview In the past quarter, DDoS organizers continued to harness non-standard protocols for amplification attacks. In the wake of WS-Discovery, which we covered in the previous report, cybercriminals turned to Apple Remote Management Service (ARMS), part of the Apple Remote Desktop (ARD) application for remote administration. The first attacks using A
Publish At:2020-02-15 12:54 | Read:177 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks DNS Amplification

KBOT: sometimes they come back

Although by force of habit many still refer to any malware as a virus, this once extremely common class of threats is gradually becoming a thing of the past. However, there are some interesting exceptions to this trend: we recently discovered malware that spread through injecting malicious code into Windows executable files; in other words, a virus. It is th
Publish At:2020-02-10 10:37 | Read:136 | Comments:0 | Tags:Featured Malware descriptions DLL hijacking Malware Descript

Happy New Fear! Gift-wrapped spam and phishing

Pre-holiday spam Easy money In the run-up to Christmas and New Year, scam e-mails mentioning easy pickings, lottery winnings, and other cash surprises are especially popular. All the more so given how simple it is to adapt existing schemes simply by mentioning the holiday in the subject line. For example, one scam e-mail with the subject line “Xsmas gi
Publish At:2020-02-07 06:05 | Read:205 | Comments:0 | Tags:Featured Spam and phishing mailings Malicious spam Phishing

Operation AppleJeus Sequel

The Lazarus group is currently one of the most active and prolific APT actors. In 2018, Kaspersky published a report on one of their campaigns, named Operation AppleJeus. Notably, this operation marked the first time Lazarus had targeted macOS users, with the group inventing a fake company in order to deliver their manipulated application and exploit the hig
Publish At:2020-01-08 06:05 | Read:229 | Comments:0 | Tags:APT reports Featured Apple MacOS Cryptocurrencies Lazarus Ma

Kaspersky Security Bulletin 2019. Statistics

All the statistics used in this report were obtained using Kaspersky Security Network (KSN), a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky product users from 203 countries and territories worldwide participate in this global exc
Publish At:2019-12-12 13:05 | Read:503 | Comments:0 | Tags:Featured Kaspersky Security Bulletin Financial malware Malwa

Story of the year 2019: Cities under ransomware siege

Ransomware has been targeting the private sector for years now. Overall awareness of the need for security measures is growing, and cybercriminals are increasing the precision of their targeting to locate victims with security breaches in their defense systems. Looking back at the past three years, the share of users targeted with ransomware in the overall
Publish At:2019-12-11 06:05 | Read:533 | Comments:0 | Tags:Featured Kaspersky Security Bulletin Malware Descriptions Ma

Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium

In November 2019, Kaspersky technologies successfully detected a Google Chrome 0-day exploit that was used in Operation WizardOpium attacks. During our investigation, we discovered that yet another 0-day exploit was used in those attacks. The exploit for Google Chrome embeds a 0-day EoP exploit (CVE-2019-1458) that is used to gain higher privileges on the in
Publish At:2019-12-10 18:05 | Read:603 | Comments:0 | Tags:Featured Research Microsoft Windows Vulnerabilities and expl

APT review: what the world’s threat actors got up to in 2019

What were the most interesting developments in terms of APT activity during the year and what can we learn from them? This is not an easy question to answer, because researchers have only partial visibility and it's impossible to fully understand the motivation for some attacks or the developments behind them. However, let's try to approach the problem from
Publish At:2019-12-04 06:05 | Read:783 | Comments:0 | Tags:Featured Kaspersky Security Bulletin APT Mobile Malware Priv

Biometric data processing and storage system threats

Initially, digital biometric data processing systems were used primarily by government agencies and special services (police, customs, etc.). However, the rapid evolution of information technology has made biometric systems accessible for ‘civil’ use. They are increasingly becoming part of our everyday lives, augmenting and replacing traditional
Publish At:2019-12-02 13:05 | Read:537 | Comments:0 | Tags:Featured Malware reports Biometric authentication Data leaks

RevengeHotels: cybercrime targeting hotel front desks worldwide

RevengeHotels is a targeted cybercrime malware campaign against hotels, hostels, hospitality and tourism companies, mainly, but not exclusively, located in Brazil. We have confirmed more than 20 hotels that are victims of the group, located in eight states in Brazil, but also in other countries such as Argentina, Bolivia, Chile, Costa Rica, France, Italy, Me
Publish At:2019-11-30 13:05 | Read:534 | Comments:0 | Tags:APT reports Featured Brazil Cyber espionage RAT Trojan Spear

IT threat evolution Q3 2019

Targeted attacks and malware campaigns Mobile espionage targeting the Middle East At the end of June we reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this
Publish At:2019-11-30 13:05 | Read:816 | Comments:0 | Tags:Featured Malware reports Apple MacOS APT connected car Cyber

IT threat evolution Q3 2019. Statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network: Kaspersky solutions blocked 989,432,403 attacks launched from online resources in 203 countries across the globe. 560,025,316 unique URLs were recognized as malicious
Publish At:2019-11-30 13:05 | Read:804 | Comments:0 | Tags:Featured Malware reports Apple MacOS Financial malware Inter

Spam and phishing in Q3 2019

Quarterly highlights Amazon Prime In Q3, we registered numerous scam mailings related to Amazon Prime. Most of the phishing emails with a link to a fake Amazon login page offered new prices or rewards for buying things, or reported problems with membership, etc. Against the backdrop of September’s Prime Day sale, such messages were plausible. Scammers
Publish At:2019-11-26 06:05 | Read:490 | Comments:0 | Tags:Featured Spam and phishing reports Malicious spam Malware De

Unwanted notifications in browser

When, back in 2015, push notifications were just appearing in browsers, very few people wondered how this tool would be used in the future: once a useful technology made to keep regular readers informed about updates, today it is often used to shell website visitors with unsolicited ads. To achieve that, users are hoaxed into subscribing to notifications, fo
Publish At:2019-11-25 13:05 | Read:480 | Comments:0 | Tags:Featured Research Browser Phishing Social Engineering
