HackDig : Dig high-quality web security articles for hacker

Hackers leaked data from alleged Mandiant FireEye ‘breach’ under #OpLeakTheAnalyst.

Late Sunday evening, hackers leaked details alleged stolen from a compromised system maintained by Adi Peretz, a Senior Analyst at Mandiant. Late Sunday evening, hackers have posted details alleged stolen from a system belonging to Adi Peretz, a Senior Threat Intelligence Analyst at security firm FireEye/Mandiant. The leaked archive is a 337MB PST file conta
Publish At:2017-08-01 00:45 | Read:3205 | Comments:0 | Tags:Breaking News Data Breach Hacking #OpLeakTheAnalyst data bre

Denmark blamed Russia APT28 group for cyber intrusions in Defense Ministry Emails

Denmark on Monday denounced Russia after the publication of a report that accused Russian APT28 of hacking the defense ministry’s email accounts. Today the Danish Government officially blamed Russia for cyber attacks against its Defense Ministry. Denmark denounced a cyber intrusion in several Defense Ministry’s email accounts. The accusation com
Publish At:2017-04-26 07:51 | Read:2485 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking APT28 cyber espionag

China-Linked DragonOK APT Group continues updating tools and tactics

The China-linked DragonOK continues updating tools and tactics and targeted entities in various countries, including Russia and Tibet. It was September 2014, when security researchers at FireEye spotted for the first time the cyber espionage activities of a Chinese state-sponsored group dubbed DragonOK. At the time, FireEye discovered two hacking campaigns c
Publish At:2017-01-07 13:45 | Read:3918 | Comments:0 | Tags:APT Breaking News Cyber Crime Hacking Intelligence China cor

Hong Kong Government Hacked by APT3 Group before elections

Two Hong Hong government departments were targeted by Chinese hackers belonging the APT3 group just before the legislative elections. Security experts from FireEye have discovered a new cyber espionage campaign launched by the Chinese APT3 group against Hong Kong Government before upcoming parliamentary elections that are to be held today September 4. The h
Publish At:2016-09-04 15:00 | Read:3242 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Intelligence APT3 cyber es

FireEye 2016 ICS Vulnerabilities Trend Report: Missed Warnings, Exposed Industrial Environments

Industrial Control Systems (ICS) are the technology workhorses responsible for powering the electric grid and utilities, water treatment plants, oil and gas production, food and beverage manufacturing, and transportation systems, among many others. Our society relies on these systems more than we know to keep life running smoothly.However, a new research rep
Publish At:2016-08-05 01:35 | Read:4187 | Comments:0 | Tags:Featured Articles ICS Security FireEye ICS Vulnerabilties Re

Got $90,000? A Windows 0-Day Could Be Yours

How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows? That price probably depends on the power of the exploit and what the market will bear at the time, but here’s a look at one convincing recent exploit
Publish At:2016-06-16 05:15 | Read:4707 | Comments:0 | Tags:A Little Sunshine Latest Warnings Ne'er-Do-Well News The Com

VXE Flaw allowed threats to bypass FireEye detection engine

Researchers at Blue Frost Security firm discovered a flaw in the FireEye Virtual Execution Engine (VXE) that allows an attacker to completely bypass virtualization-based dynamic analysis and whitelist malware. Security researchers at Blue Frost Security have found a high severity vulnerability in FireEye products that allowed an attacker to bypass the compan
Publish At:2016-02-18 20:55 | Read:2388 | Comments:0 | Tags:Breaking News Hacking Security FireEye malware Virtual Execu

Critical Remote Root Zero-Day In FireEye Appliances

So FireEye doesn’t have a particularly good reputation in the security community, it’s generally not handled responsible disclosure well and it’s even taken a security firm (ERNW) to court over a vulnerability disclosure.And now there’s another critical remote root zero-day in FireEye appliances – which is scary, as these are hi
Publish At:2015-12-17 05:45 | Read:2619 | Comments:0 | Tags:Exploits/Vulnerabilities Countermeasures tavis ormandy firee

FireEye Appliances affected by a critical flaw simply exploitable

Security experts at the Google Project Zero team have discovered a critical flaw in FireEye appliances that could be exploited via email. A remote code execution vulnerability dubbed “666” affect FireEye Appliances, hackers can exploit the flaw simply by sending an email or tricking users into clicking on a link. The 666 vulne
Publish At:2015-12-16 19:45 | Read:2721 | Comments:0 | Tags:Hacking Breaking News FireEye Remote Code Execution Google P

When a single e-mail gives hackers full access to your network

When you're a Fortune 500 company that's a favorite target of sophisticated hackers, it often makes sense to install security appliances at the outer edges of your network to stop attacks before they get far. Now, researchers say they have uncovered a vulnerability in such a product from security firm FireEye that can give attackers full network access.The v
Publish At:2015-12-16 15:50 | Read:2873 | Comments:0 | Tags:Risk Assessment Technology Lab advanced persistent threat ex

Persistent Financial Malware ‘Nemesis’ Targets Boot Record

A group of attackers are behind a strain of payment card malware that has bootkit functionality, something that makes it very difficult to detect, much less remove.“FIN1,” the group behind the malware, appears to be based in Russia, according to researchers at both FireEye and Mandiant who described the group on Monday. The two firms uncovered th
Publish At:2015-12-07 18:05 | Read:3158 | Comments:0 | Tags:Malware Bootkit Bootkit functionality FireEye malware MANDIA

China APT Gang Targets Hong Kong Media via Dropbox

An APT gang linked to China and alleged to be responsible for targeted attacks against foreign governments and ministries, has now pointed its focus inward at China’s autonomous territory Hong Kong.An August attack against several media companies in Hong Kong was carried out shortly after a high-profile controversy over an appointment at the prestigiou
Publish At:2015-12-01 17:25 | Read:2365 | Comments:0 | Tags:Government Malware Web Security admin@338 advanced persisten

Chinese Mobile Ad Library Backdoored to Spy on iOS Devices

Versions of a popular Chinese mobile ad library have been backdoored with capabilities that can be used to surreptitiously record audio and steal data stored on thousands of iOS devices.Researchers at FireEye said today they have found 17 backdoored versions of the mobiSage SDK (versions 5.3.3 to 6.4.4); the offending behaviors are not present in the most up
Publish At:2015-11-04 15:50 | Read:2073 | Comments:0 | Tags:Apple Malware Mobile Security apple backdoor FireEye ios Jav

Updated XcodeGhost Adds iOS9 Support

New samples of XcodeGhost, malware targeting iOS devices, have surfaced beyond the borders of China with new support for iOS9 and obfuscation techniques making it that much harder to detect.iOS9 is only a few weeks old and included new security measures that allowed for only secure HTTPS connections by default, cutting off lines of communication for earlier
Publish At:2015-11-03 21:50 | Read:2517 | Comments:0 | Tags:Apple Malware Mobile Security apple Apple malware FireEye io

FIN5 hacking crew steals 150,000 credit cards from casino

FireEye has uncovered a new hacking group dubbed FIN5 hacked payment systems of an un-named Casino and it has stolen nearly 150,000 credit cards. The fact that the game can create problems is not a novelty, news of the day is that an un-named Casino has lost 150,000 credit cards. The cause of the data breach also in this case
Publish At:2015-10-14 16:15 | Read:2646 | Comments:0 | Tags:Breaking News Cyber Crime Malware credit card Cybercrime Fin

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud