HackDig : Dig high-quality web security articles

Threat in your browser: what dangers innocent-looking extensions hold for users

Whether you want to block ads, keep a to-do list or check your spelling, browser extensions allow you to do all of the above and more, improving convenience, productivity and efficiency for free, which is why they are so popular. Chrome, Safari, Mozilla — these and many other major Web browsers — have their own online stores to distribute thousands of extens
Publish At:2022-08-16 05:46 | Read:144 | Comments:0 | Tags:Research Adware Browser Browser Plugins Data theft Firefox G

IT threat evolution Q2 2022

Targeted attacks: New technique for installing fileless malware. Earlier this year, we discovered a malicious campaign that employed a new technique for installing fileless malware on target machines by injecting a shellcode
Publish At:2022-08-15 09:56 | Read:134 | Comments:0 | Tags:Malware reports APT Backdoor Cyber espionage Emotet Fileless

IT threat evolution in Q2 2022. Non-mobile statistics

These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly figures: According to Kaspersky Security Network, in Q2 2022: Ka
Publish At:2022-08-15 09:56 | Read:189 | Comments:0 | Tags:Malware reports Adware Apple MacOS Financial malware Interne

VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns (PowerPepper was later documented in 2020). Notably, we exposed why we believe the threat actor may fit a group of mercenaries, offering hack-for-hire services, or acting as an information broker to
Publish At:2022-08-10 06:25 | Read:304 | Comments:0 | Tags:APT reports Cryptocurrencies Malware Descriptions Malware Te

Andariel deploys DTrack and Maui ransomware

On July 7, 2022, the CISA published an alert, entitled, “North Korean State-Sponsored Cyber Actors Use Maui Ransomware To Target the Healthcare and Public Health Sector,” related to a Stairwell report, “Maui Ransomware.” Later, the Department of Justice announced that they had effectively clawed back $500,000 in ransom payments to the
Publish At:2022-08-09 06:25 | Read:198 | Comments:0 | Tags:APT reports Andariel APT Malware Descriptions Malware Techno

LofyLife: malicious npm packages steal Discord tokens and bank card data

On July 26, using the internal automated system for monitoring open-source repositories, we identified four suspicious packages in the Node Package Manager (npm) repository. All these packages contained highly obfuscated malicious Python and JavaScript code. We dubbed this malicious campaign “LofyLife”. Description of the proc-title package (Tra
Publish At:2022-07-28 09:07 | Read:417 | Comments:0 | Tags:Incidents Data theft JavaScript Malware Descriptions Node.js

APT trends report Q2 2022

For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They ar
Publish At:2022-07-28 06:24 | Read:220 | Comments:0 | Tags:APT reports APT Chinese-speaking cybercrime Firmware Lazarus

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

Introduction: Rootkits are malware implants which burrow themselves in the deepest corners of the operating system. Although on paper they may seem attractive to attackers, creating them poses significant technical challenges and the slightest programming error has the potential to completely crash the victim machine. In our APT predictions for 2022, we noted
Publish At:2022-07-25 06:24 | Read:414 | Comments:0 | Tags:APT reports Drivers Firmware Malware Descriptions Malware Te

Luna and Black Basta — new ransomware for Windows, Linux and ESXi

Introduction: In our crimeware reporting service, we analyze the latest crime-related trends we come across. If we look back at what we covered last month, we will see that ransomware (surprise, surprise!) definitely stands out. In this blog post, we provide several excerpts from last month’s reports on new ransomware strains. Luna: brand-new ransomwar
Publish At:2022-07-20 05:09 | Read:408 | Comments:0 | Tags:Malware descriptions Cross-platform malware Cybercrime Data

The SessionManager IIS backdoor

Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules within IIS, a popular web server edited by Microsoft. And we didn’t come back empty-handed… In 2021, we noticed a trend among several threat actors for deploying a backdoor within IIS after exploiting one of the ProxyLogo
Publish At:2022-06-30 05:09 | Read:569 | Comments:0 | Tags:APT reports APT Backdoor Malware Descriptions Malware Techno

APT ToddyCat

ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible for multiple sets of attacks detected since December 2020 against high-profile entities in Europe and Asia. We still have little information about this actor, but we know that its main distinctive signs are two formerly unknown tools that we call
Publish At:2022-06-21 06:17 | Read:817 | Comments:0 | Tags:APT reports APT Backdoor Dropper Encryption Malware Descript

WinDealer dealing on the side

Introduction: LuoYu is a lesser-known threat actor that has been active since 2008. It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. In their initial disclosures on this threat actor,
Publish At:2022-06-02 06:16 | Read:814 | Comments:0 | Tags:APT reports APT Chinese-speaking cybercrime Google Android I

IT threat evolution in Q1 2022. Non-mobile statistics

These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly figures: According to Kaspersky Security Network, in Q1 2022: Ka
Publish At:2022-05-27 06:16 | Read:1297 | Comments:0 | Tags:Malware reports Apple MacOS Financial malware Internet of Th

IT threat evolution Q1 2022

Targeted attacks: MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019
Publish At:2022-05-27 06:16 | Read:1644 | Comments:0 | Tags:Malware reports APT BlueNoroff Industrial threats Lazarus Ma

IT threat evolution in Q1 2022. Mobile statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures: According to Kaspersky Security Network, in Q1 2022: 6,463,414 mobil
Publish At:2022-05-27 06:16 | Read:1714 | Comments:0 | Tags:Malware reports Adware Fraud Google Android Malware Malware
