HackDig : Dig high-quality web security articles for hacker

New Ransomware Process Leverages Native Windows Features

A new methodology for instigating ransomware makes use of Windows' own Encrypting File System (EFS). EFS has been a part of Windows since Windows 2000. Unlike Windows' BitLocker -- which is a full disk encryption feature -- EFS can selectively encrypt individual files or folders. It does this transparently to the user, using a key that is partly stored in an
Publish At:2020-01-21 12:00 | Read:81 | Comments:0 | Tags:NEWS & INDUSTRY Malware

New 5ss5c Ransomware Likely Readied to Replace Satan

The threat actor or group behind the Satan ransomware -- and probably DBGer and Lucky and possibly Iron -- seems to be engaged in a new version or evolution of Satan: 5ss5c.According to malware researcher/analyst Bart Blaze, the actor has been working on this new product since at least November 2019. It is thought to be a work in progress because of the pres
Publish At:2020-01-15 22:15 | Read:168 | Comments:0 | Tags:NEWS & INDUSTRY Malware

Oski Stealer Targets Browser Data, Crypto Wallets in U.S.

Still under development, a newly discovered information stealer is successfully targeting Internet browsers and cryptocurrency wallet applications, and most victims are apparently located in the United States.The fairly new malware, which has been dubbed Oski Stealer, is being advertised on underground cyber-forums, including several Russian forums, security
Publish At:2020-01-13 10:15 | Read:141 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Pulse Secure VPN Vulnerability Still Widely Exploited, CISA Warns

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations that malicious hackers continue to exploit a widely known Pulse Secure VPN vulnerability.A researcher revealed recently that cybercriminals had started exploiting CVE-2019-11510, a critical vulnerability affecting enterprise VPN product
Publish At:2020-01-10 22:15 | Read:320 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

North Korean Hackers Continue to Target Cryptocurrency Exchanges

Over the past year and a half, the North Korea-linked Lazarus group has continued attacks on cryptocurrency exchanges but modified its malware and some techniques, Kaspersky reports. Supposedly backed by the North Korean government and active since at least 2009, Lazarus is believed to be behind various high-profile attacks, including the WannaCry outbr
Publish At:2020-01-09 22:15 | Read:200 | Comments:0 | Tags:NEWS & INDUSTRY Malware

Interpol Announces Successful Operation Against Cryptojacking in Southeast Asia

Interpol announced on Wednesday that it has coordinated an international operation aimed at removing illegally installed cryptocurrency miners from routers located in Southeast Asia.The operation, dubbed Goldfish Alpha, was conducted in cooperation with Trend Micro, along with law enforcement and CERTs from ASEAN countries, including Brunei, Cambodia, Indone
Publish At:2020-01-08 22:15 | Read:347 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Malware Vulnerabilit

Chinese Cyber-Espionage Group Targeted NGOs for Years

A cyber-espionage group supposedly linked to the Chinese government is targeting non-governmental organizations (NGOs) in South and East Asia, Secureworks has revealed.Referred to as BRONZE PRESIDENT, the group may have been active since at least 2014, also targeting political and law enforcement organizations and using both proprietary and publicly availabl
Publish At:2020-01-08 10:15 | Read:206 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Malware Cybercrime

App Found in Google Play Exploits Recent Android Zero-Day

A malicious application in the Google Play store targeted a recently patched zero-day vulnerability that affects multiple Android devices, including Google’s Pixel phones.Tracked as CVE-2019-2215, the vulnerability was disclosed as a zero-day in October by Google Project Zero security researcher Maddie Stone. A use-after-free in the binder driver, the bug co
Publish At:2020-01-07 10:15 | Read:177 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Virus & Threats Viru

Pulse Secure VPN Vulnerability Exploited to Deliver Ransomware

A widely known vulnerability affecting an enterprise VPN product from Pulse Secure has been exploited by cybercriminals to deliver a piece of ransomware, a researcher has warned.The flaw in question, tracked as CVE-2019-11510, is one of the many security holes disclosed last year by a team of researchers in enterprise VPN products from Fortinet, Palo Alto Ne
Publish At:2020-01-06 22:15 | Read:228 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

A week in security (December 30 – January 5)

Last week on Malwarebytes Labs, we took a dive into edge computing, looked at new web skimmer techniques, and rolled our eyes at silly people doing silly things. Other cybersecurity news: Stills and chills: A Reddit user notices their security camera is grabbing stills from other people’s devices. (Source: Reddit) Tik Tok, the clock has stopped: The US Mili
Publish At:2020-01-06 21:50 | Read:228 | Comments:0 | Tags:A week in security CISO malware skimmer tiktok week in secur

Cyber News Rundown: US Coast Guard Hit with Ransomware

Reading Time: ~ 2 min. US Coast Guard Facility Hit with Ransomware During the last week of December a US Coast Guard facility was the target of a Ryuk ransomware attack that shut down operations for over 30 hours. Though the Coast Guard has implemented multiple cybersecurity regulations in just the last six months or so, this attack broke through the weak
Publish At:2020-01-03 15:10 | Read:364 | Comments:0 | Tags:Industry Intel malware ransomware

7 types of virus – a short glossary of contemporary cyberbadness

byPaul DucklinOK, technically, this article is about malware in general, not about viruses in particular.Strictly speaking, virus refers to a type of malware that spreads by itself, so that once it’s in your system, you may end up with hundreds or even thousands of infected files……on every computer in your network, and in the networks your
Publish At:2019-12-28 17:35 | Read:335 | Comments:0 | Tags:Malware Banking Trojan Data Stealer keylogger malware RAM sc

Sextortionists return for Christmas – price goes down, threats go up

byPaul DucklinA week ago, a concerned Naked Security reader shared with us a “send us money or else” email that was a bit different from others he’d received in the past.The claims and the demands followed a predictable theme – one that we call sextortion because of the connection between sexuality and extortion.Simply put, the scamme
Publish At:2019-12-24 12:35 | Read:422 | Comments:0 | Tags:Malware Spam Cybercrime Scam sextortion spyware

How we developed our simple Harbour decompiler

https://github.com/KasperskyLab/hb_dec Every once in a while we get a request that leaves us scratching our heads. With these types of requests, existing tools are usually not enough and we have to create our own custom tooling to solve the “problem”. One such request dropped onto our desk at the beginning of 2018, when one of our customers – a f
Publish At:2019-12-20 13:05 | Read:306 | Comments:0 | Tags:Software Malware

Maze Ransomware Operators Publish Victim Data Online

As if having their data encrypted wasn’t bad enough, businesses that fell victim to Maze ransomware now face another threat: their data could become public.For a while, Maze’s operators have been harvesting data from the victim organizations, to eventually use it as leverage if payment to decrypt files is not received. Now, they threaten to release the data
Publish At:2019-12-19 10:15 | Read:330 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud