HackDig : Dig high-quality web security articles for hacker

APT Trends report Q2 2017

Introduction: Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to hel
Publish At:2017-08-08 10:30 | Read:330 | Comments:0 | Tags:Featured Quarterly Malware Reports APT ExPetr fileless malwa

DDoS attacks in Q2 2017

News Overview The second quarter of 2017 saw DDoS attacks being more and more frequently used as a tool for political struggle. The Qatar crisis was accompanied by an attack on the website of Al Jazeera, the largest news network in the area, Le Monde and Le Figaro websites were targeted in the heat of the presidential election in France, and in Great Britain
Publish At:2017-08-01 17:45 | Read:517 | Comments:0 | Tags:Featured Quarterly Malware Reports Botnets DDoS-attacks Inte

ExPetr/Petya/NotPetya is a Wiper, Not Ransomware

After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made. This supports the theory that this malware campaign was not designed as a ransomware attack for financial gain. Instead, it appears it was designed as a wiper prete
Publish At:2017-06-28 19:25 | Read:452 | Comments:0 | Tags:Featured Incidents Petya Ransomware Wiper

Schroedinger’s Pet(ya)

Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. If you were one of the unfortunate victims, this screen might look familiar: Kaspersky Lab solutions successfully stop the attack through the System Watcher component. This te
Publish At:2017-06-27 20:10 | Read:558 | Comments:0 | Tags:Featured Incidents Data Encryption Malware Descriptions Rans

KSN Report: Ransomware in 2016-2017

This report has been prepared using depersonalized data processed by Kaspersky Security Network (KSN). The metrics are based on the number of distinct users of Kaspersky Lab products with the KSN feature enabled, who encountered ransomware at least once in a given period, as well as research into the ransomware threat landscape by Kaspersky Lab experts. Thi
Publish At:2017-06-26 07:20 | Read:439 | Comments:0 | Tags:Featured Publications Encryption Financial malware Malware S

Honeypots and the Internet of Things

There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or ‘smart’ devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up o
Publish At:2017-06-19 09:35 | Read:634 | Comments:0 | Tags:Featured Research Backdoor Botnets DDoS-attacks honeypot Int

Nigerian phishing: Industrial companies under attack

In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors. As further research demonstrated, this was just part of a bigger story that began mu
Publish At:2017-06-15 13:30 | Read:676 | Comments:0 | Tags:Featured Research industrial software Nigerian Scam Phishing

SambaCry is coming

Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for *nix-based systems – EternalRed (aka SambaCry). This vulnerability (CVE-2017-7494) relates to all versions of Samba, starting from 3.5.0, which was released in 2010, and was patched only in the latest versions of
Publish At:2017-06-10 04:35 | Read:664 | Comments:0 | Tags:Featured Research Backdoor Cryptocurrencies Vulnerabilities

Dvmap: the first Android malware with code injection

In April 2017 we started observing new rooting malware being distributed through the Google Play Store. Unlike other rooting malware, this Trojan not only installs its modules into the system, it also injects malicious code into the system runtime libraries. Kaspersky Lab products detect it as Trojan.AndroidOS.Dvmap.a. The distribution of rooting malware thr
Publish At:2017-06-08 15:45 | Read:848 | Comments:0 | Tags:Featured Mobile code injection Google Android Mobile Malware

WannaCry mistakes that can help you restore files after infection

Sometimes ransomware developers make mistakes in their code. These mistakes could help victims regain access to their original files after a ransomware infection. This article is a short description of several errors made by the WannaCry ransomware developers. Errors in file removal logic: When WannaCry encrypts its victim’s files, it reads
Publish At:2017-06-01 10:55 | Read:793 | Comments:0 | Tags:Blog Featured Research Ransomware WannaCry

What Interests Children Online

Today’s children and teenagers are integrated into cyberspace so tightly that discussions on the outright prohibition of using devices with Internet connectivity are nonsensical. It is more reasonable to teach children how to behave themselves correctly online and lend support by protecting them against undesirable content. To solve these problems, man
Publish At:2017-06-01 10:55 | Read:913 | Comments:0 | Tags:Analysis Featured Publications Parental control Security tec

IT threat evolution Q1 2017

Overview: Targeted attacks and malware campaigns. More wipers: The aim of most targeted attack campaigns is to steal sensitive data. However, this isn’t always the goal. Sometimes attackers erase data instead of – or as well as – trying to gain access to confidential information. We’ve seen several wiper attacks in recent years. They include Shamoon
Publish At:2017-05-22 11:35 | Read:1201 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports APT Cyber espion

IT threat evolution Q1 2017. Statistics

Q1 figures According to KSN data, Kaspersky Lab solutions detected and repelled 479,528,279 malicious attacks from online resources located in 190 countries all over the world. 79,209,775 unique URLs were recognized as malicious by web antivirus components. Attempted infections by malware that aims to steal money via online access to bank accounts were regis
Publish At:2017-05-22 11:35 | Read:590 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports Financial malwar

WannaCry and Lazarus Group – the missing link?

A few hours ago, Neel Mehta, a researcher at Google, posted a mysterious message on Twitter with the #WannaCryptAttribution hashtag: The cryptic message in fact refers to a similarity between two samples that have shared code. The two samples Neel refers to in the post are: A WannaCry cryptor sample from February 2017 which looks like a very early variant A
Publish At:2017-05-15 18:30 | Read:711 | Comments:0 | Tags:Blog Featured Research Lazarus Ransomware WannaCry

Ztorg: money for infecting your smartphone

This research started when we discovered an infected Pokémon GO guide in Google Play. It was there for several weeks and was downloaded more than 500,000 times. We detected the malware as Trojan.AndroidOS.Ztorg.ad. After some searching, I found some other similar infected apps that were being distributed from the Google Play Store. The first of them, called
Publish At:2017-05-15 13:40 | Read:1283 | Comments:0 | Tags:Analysis Featured Publications advertisement Google Android
