HackDig : Dig high-quality web security articles for hacker

Handling Malware Delivered Into .daa Files

Bad guys are always trying to use “exotic” file extensions to deliver their malicious payloads. If common dangerous extensions are often blocked by mail security gateways, there exist plenty of less common extensions. These days, with the COVID19 pandemic, we are facing a peak of phishing and scams trying to lure victims. I spotted one that uses
Publish At:2020-04-03 09:16 | Read:108 | Comments:0 | Tags:Malware Security Software DAA PowerISO

Firefox, IE Vulnerabilities Exploited in Attacks on China, Japan

Vulnerabilities patched earlier this year in Firefox and Internet Explorer have been exploited by an advanced persistent threat (APT) actor in attacks aimed at China and Japan. The Firefox vulnerability is CVE-2019-17026, which Mozilla patched in early January, and the Internet Explorer flaw is CVE-2020-0674, which Microsoft patched in February with its month
Publish At:2020-04-02 12:27 | Read:54 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Virus &

New COVID19 wiper overwrites MBR making computers unusable

A recently discovered strain of malware exploits the current COVID19 pandemic to render computers unusable by overwriting the MBR. SonicWall’s security researchers have discovered a new piece of malware that exploits the current COVID19 outbreak to render computers unusable by overwriting the master boot record (MBR). Unfortunately, this is one of the
Publish At:2020-04-02 11:00 | Read:119 | Comments:0 | Tags:Breaking News Cyber Crime Malware coronavirus covid19 hackin

Crooks use tainted Zoom apps to target users at home due to Coronavirus outbreak

Crooks target Android users working from home due to the Coronavirus outbreak with a Trojanized version of the popular video messaging app Zoom. Security experts from Bitdefender have spotted tainted versions of the Android Zoom video-conferencing application that is targeting users working from home due to the Coronavirus outbreak. Researchers detecte
Publish At:2020-04-02 09:58 | Read:86 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android coronavirus

Coronavirus Malware Makes Devices Unusable by Overwriting MBR

A newly discovered piece of malware is taking advantage of the current COVID-19 pandemic to render computers unusable by overwriting the MBR (master boot record). Cybercriminals were quick to exploit the coronavirus crisis for their malicious attacks, including phishing, malware infections, and the like, and it did not take long for state-sponsored threat ac
Publish At:2020-04-02 08:39 | Read:113 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Nigerian Threat Actors Specializing in BEC Attacks Continue to Evolve

The Nigerian business email compromise (BEC) threat actors referred to as SilverTerrier have intensified assaults on multiple industries and should be considered an established threat, Palo Alto Networks says. In February, the FBI’s Internet Crime Complaint Center (IC3) revealed that reported BEC and email account compromise (EAC) losses topped $1.7 billion,
Publish At:2020-04-02 06:45 | Read:126 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Malware Cyber

Vollgar Campaign Targets MS-SQL Servers With Backdoors, Crypto-Miners

A recently uncovered attack campaign that stayed under the radar since May 2018 is targeting devices running MS-SQL servers with backdoors and crypto-miners, Guardicore Labs reveals. Dubbed Vollgar, the campaign managed to infect roughly three thousand database machines daily, with victims in sectors such as healthcare, aviation, IT and telecommunications, an
Publish At:2020-04-02 01:04 | Read:92 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet, tracked as Vollgar botnet, that has been targeting MSSQL databases since 2018. The botnet is used to launch brute-force attacks against MSSQL databases to take
Publish At:2020-04-01 15:00 | Read:155 | Comments:0 | Tags:Breaking News Cyber Crime Malware botnet crypto Hacking it s

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:161 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

New Raccoon Stealer uses Google Cloud Services to evade detection

Researchers found a piece of Raccoon Stealer that abuses Google Cloud Services and leverages multiple delivery techniques. Raccoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape and is advertised in hacking forums. The malware is cheap compared to similar threats, it is able
Publish At:2020-04-01 05:40 | Read:136 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking information securi

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. LimeRAT is a powerful Remote Administration Tool publicly available as
Publish At:2020-04-01 04:01 | Read:123 | Comments:0 | Tags:Breaking News Cyber Crime Malware hacking news information s

Raccoon Stealer’s Abuse of Google Cloud Services and Multiple Delivery Techniques

With additional insights/analysis from Augusto Remillano II and Don Ovid Ladores. Raccoon emerged as Malware as a Service (MaaS) last April 2019. Despite its simplicity, Raccoon became popular among cybercriminals and was mentioned as a notable emerging malware in underground forums in a malware popularity report. The malware is capable of stealing login cred
Publish At:2020-03-31 23:40 | Read:161 | Comments:0 | Tags:Malware info stealer MaaS Cloud

FBI Warns of Ongoing Kwampirs Attacks Targeting Global Industries

A malicious campaign is targeting organizations from a broad range of industries with a piece of malware known as Kwampirs, the Federal Bureau of Investigation warns. Initially detailed in 2018, the malware is a custom backdoor associated with a threat actor tracked as Orangeworm, which has been active since at least 2015, mainly targeting organizations in th
Publish At:2020-03-31 14:55 | Read:117 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vi

Holy Water targets religious figures and charities in Asia

Holy Water – An APT group compromised a server hosting Web pages belonging mainly to religious figures and charities to carry out watering hole attacks. On December 4, 2019, Kaspersky experts discovered a watering hole attack, tracked as Holy Water, aimed at an Asian religious and ethnic group. The campaign has been active since at least May 2019 and
Publish At:2020-03-31 11:45 | Read:116 | Comments:0 | Tags:Breaking News Hacking Malware APT drive-by downloads it secu

FBI warns of nation-state actors using the Kwampirs malware

For the third time in a few weeks, the FBI has issued an alert about supply chain attacks carried out by nation-state actors using the Kwampirs malware. The FBI has issued an alert about supply chain attacks using the Kwampirs malware as part of a hacking campaign carried out on a global scale by state-sponsored hackers. The FBI has issued an alert o
Publish At:2020-03-31 08:39 | Read:193 | Comments:0 | Tags:APT Breaking News Hacking Malware coronavirus covid19 hackin
