HackDig : Dig high-quality web security articles for hacker

New Technique Allows Ransomware to Operate Undetected

A recently discovered technique allows ransomware to encrypt files on Windows-based systems without being detected by existing anti-ransomware products, Nyotron security researchers warn.Dubbed RIPlace, the technique allows malware to bypass defenses using the legacy file system "rename" operation, and the security researchers say it is effective even agains
Publish At:2019-11-25 22:15 | Read:239 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Malware

Cyberattack Hit 10% of Louisiana's State Government Servers

One in ten of Louisiana’s 5,000 computer network servers that power operations across state government were damaged by this week’s cyberattack, a key technology official told lawmakers Friday.Neal Underwood, Louisiana’s deputy chief information officer, said the ransomware attack wasn’t catastrophic to state government. No data was lost, and no ransom was pa
Publish At:2019-11-25 10:15 | Read:124 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Vi

Android bug puts your device’s camera at risk

Update your Android OS because hackers might be accessing your camera and photos A camera security threat for Android devices might have affected hundreds of millions of smartphone and tablet users. The chilling revelation made by researchers exposed a system vulnerability in Android devices that was allowing unauthorized remote use and access to the device’
Publish At:2019-11-22 16:15 | Read:157 | Comments:0 | Tags:Mobile News Mobile Security Android cybersecurity Malware

'DePriMon' Malware First to Use Port Monitor for Persistence

A newly discovered malware downloader achieves persistence through registering a new local port monitor, ESET’s security researchers report.Dubbed DePriMon, due to its use of the “Windows Default Print Monitor” name, the malware has a modular architecture and is complex enough for the researchers to consider it a framework.The threat appears to have been act
Publish At:2019-11-22 00:00 | Read:179 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

DopplePaymer Ransomware Spreads via Compromised Credentials: Microsoft

The DopplePaymer ransomware spreads via existing Domain Admin credentials, not exploits targeting the BlueKeep vulnerability, Microsoft says.The malware, which security researchers believe to have been involved in the recent attack on Mexican state-owned oil company Petróleos Mexicanos (Pemex), has been making the rounds since June 2019, with some earlier sa
Publish At:2019-11-21 10:15 | Read:159 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

The cybercrime ecosystem: attacking blogs

Executive summary The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. The articles will also cover technical details and up-to-date research on the threat landscape to provide a more realistic understanding of why thi
Publish At:2019-11-21 06:05 | Read:211 | Comments:0 | Tags:Research code injection Data leaks Malware SQL injection Vul

Meet Phoenix Keylogger, a New Malware-as-a-Service Product Gaining Traction

Phoenix Keylogger Attempts to Disable More Than 80 security Products, Exfiltrates Data Direct from MemoryThe Phoenix Keylogger, operating at the cusp of keylogger and infostealer, was launched in July 2019. It is sold as malware-as-a-service (MaaS), and appears to be gaining traction in the criminal underworld.Nocturnus, the research team from Cybereaso
Publish At:2019-11-20 22:15 | Read:171 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Malware

Mac Backdoor Linked to Lazarus Targets Korean Users

By Gabrielle Joyce Mabutas Criminal interest in MacOS continues to grow, with malware authors churning out more threats that target users of the popular OS. Case in point: A new variant of a Mac backdoor (detected by Trend Micro as Backdoor.MacOS.NUKESPED.A) attributed to the cybercriminal group Lazarus, which was observed targeting Korean users with a macro
Publish At:2019-11-20 14:35 | Read:249 | Comments:0 | Tags:Malware Targeted Attacks Lazarus mac backdoor mac malware

Cryptocurrency Stealer Delivered From Official Monero Website

The official website for the Monero cryptocurrency was hacked recently and attackers replaced legitimate wallet files offered for download with a malicious version.The breach was discovered on November 18 after someone noticed that the hashes for the Linux CLI wallet available for download on getmonero.org did not match the hashes provided by the software’s
Publish At:2019-11-20 10:15 | Read:313 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Fake Windows Update Delivers Cyborg Ransomware

A fake Windows Update spam campaign has been dropping the Cyborg ransomware. The mail delivery mechanism claims to come from Microsoft. It directs the potential victim to an attachment described as the 'latest critical update'."The fake update attachment," writes Trustwave (who discovered the campaign), "although having a '.jpg' file extension, is an executa
Publish At:2019-11-19 22:15 | Read:252 | Comments:0 | Tags:NEWS & INDUSTRY Malware

Ransomware Attack Hits Louisiana State Servers

Louisiana Governor John Bel Edwards on Monday revealed that a ransomware attack hit state servers, prompting a response from the state’s cyber-security team.The incident appears to have affected only some of the state’s servers, but the Office of Technology Services (OTS) decided to take offline all of the servers in an effort to ensure that the infection is
Publish At:2019-11-19 10:15 | Read:154 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Ph

Visa Warns of New JavaScript Skimmer 'Pipka'

A new JavaScript skimmer targets data entered into the payment forms of ecommerce merchant websites, Visa Payment Fraud Disruption (PFD) warns.Dubbed Pipka, the skimmer was discovered on an ecommerce website previously infected with the JavaScript skimmer known as Inter, but it has infected at least sixteen other merchant websites as well.What sets Pipka apa
Publish At:2019-11-14 22:15 | Read:101 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Fraud & Identity

Iranian APT33 Hackers Use Special Botnets for High-Value Targets in U.S.

An Iran-linked cyberespionage group tracked as APT33 has used obfuscated botnets as part of attacks aimed at high-value targets located in the United States, the Middle East and Asia, Trend Micro reported on Thursday.APT33, which some experts believe has been active since at least 2013, is also known as Refined Kitten, Elfin, Magnallium and Holmium. It has t
Publish At:2019-11-14 12:00 | Read:205 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Virus &

Mexican Oil Company Pemex Hit by Ransomware

Mexican state-owned oil company Petróleos Mexicanos (Pemex) on Sunday suffered a ransomware attack that took down parts of its network.The attack, the company claims, was quickly neutralized and only impacted less than 5% of the computers in its network.In an attempt to stop any rumors related to the suffered attack, the company also pointed out that it is o
Publish At:2019-11-12 22:15 | Read:292 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Hosting Provider SmarterASP.NET Recovering From Ransomware Attack

ASP.NET hosting provider SmarterASP.NET is currently working on recovering customer data after being hit by a ransomware attack over the weekend.Operating since 1999, SmarterASP.NET has datacenters in the United States and Europe and serves over 440,000 customers worldwide.On Saturday, the company fell victim to a ransomware attack that resulted in its custo
Publish At:2019-11-12 10:15 | Read:203 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Virus & Malware Ma

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud