HackDig : Dig high-quality web security articles for hacker

CSE CybSec ZLAB Malware Analysis Report: NotPetya

I’m proud to share with you the first report produced by Z-Lab, the Malware Lab launched by the company CSE CybSec. Enjoy the Analysis Report NotPetya. As most of you already know I have officially presented my new Co a couple of months ago, CybSec Enterprise is its name and we already started to work on strategic projects that we will reveal soon R
Publish At:2017-09-18 18:30 | Read:150 | Comments:0 | Tags:Breaking News Malware Reports malware Malware Analysis notpe

CCleaner supply chain compromised to distribute malware

CCleaner app version 5.33 that was available for download between August 15 and September 12 was modified to include the Floxif malware. Bad news for the users of the CCleaner app, according to researchers with Cisco Talos, version 5.33 that was available for download between August 15 and September 12 was modified to include the Floxif malware. The Floxif m
Publish At:2017-09-18 18:30 | Read:125 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware CCleaner CCleaner

[SANS ISC] Getting some intelligence from malspam

I published the following diary on isc.sans.org: “Getting some intelligence from malspam”. Many of us are receiving a lot of malspam every day. By “malspam”, I mean spam messages that contain a malicious document. This is one of the classic infection vectors today and aggressive campaigns are started every week. Usually, most of them
Publish At:2017-09-18 08:05 | Read:106 | Comments:0 | Tags:Malware Security Splunk Intelligence SANS ISC

Premium SMS malware EXPENSIVEWALL infected millions of Android handsets

Google removed 50 malicious apps from the official Play Store after experts discovered a new malware, dubbed ExpensiveWall, eluded Google Bouncer checks. Google has removed 50 malicious apps from the official Play Store after experts with security firm Check Point discovered a new malware, dubbed ExpensiveWall, eluded the checks of the Google’s Bounce
Publish At:2017-09-15 16:40 | Read:226 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android ExpensiveWa

BlueBorne Bluetooth hack could affect millions of smartphones

Bluetooth is an important smartphone technology, allowing us to transfer files, or to listen to music, wirelessly. It’s so useful that many people leave it switched on all the time. But researchers have discovered a vulnerability in the technology that allows hackers to take control of a victim’s phone remotely. Known as “BlueBorne”, the technique can be use
Publish At:2017-09-15 08:00 | Read:183 | Comments:0 | Tags:Mobile News Mobile Security Android Hackers Malware

Thousands of Elasticsearch installs compromised to host PoS Malware

Experts discovered 4,000 compromised installations on Amazon AWS of open source analytics and search tool Elasticsearch that were running PoS malware. Security researchers from the firm Kromtech have discovered 4,000 compromised instances of open source analytics and search tool Elasticsearch that were running PoS malware. According to Kromtech, this is just
Publish At:2017-09-14 22:15 | Read:152 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime Elasticsearch m

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM
Publish At:2017-09-14 21:10 | Read:185 | Comments:0 | Tags:Advanced Threats Endpoint Threat Intelligence X-Force Resear

Hangul Word Processor and PostScript Abused Via Malicious Attachments

The Hangul Word Processor (HWP) is a word processing application which is fairly popular in South Korea. It possesses the ability to run PostScript code, which is a language originally used for printing and desktop publishing, although it is a fully capable language. Unfortunately, this ability is now being exploited in attacks involving malicious attachment
Publish At:2017-09-14 10:15 | Read:122 | Comments:0 | Tags:Malware Vulnerabilities Encapsulated PostScript Hangul Word

BankBot Found on Google Play and Targets Ten New UAE Banking Apps

By Kevin Sun The Android-targeting BankBot malware (all variants detected by Trend Micro as ANDROIDOS_BANKBOT) first surfaced January of this year and is reportedly the improved version of an unnamed open source banking malware that was leaked in an underground hacking forum. BankBot is particularly risky because it disguises itself as legitimate banking app
Publish At:2017-09-13 15:50 | Read:153 | Comments:0 | Tags:Malware Mobile android bankbot google play

Bashware attack, how to run Linux malware on Windows systems

Experts found a new alarming method dubbed Bashware attack that allows attackers to silently run malware to bypass even the most common security solutions. The new Windows 10 feature Windows Subsystem for Linux (WSL) that implements the Linux bash terminal in the Microsoft operating system could be exploited by malware to run undetected. The feature was recently
Publish At:2017-09-13 09:25 | Read:181 | Comments:0 | Tags:Breaking News Hacking Malware Bashware Linux on Windows Micr

Frost & Sullivan Report Highlights Rise in Phishing Attacks

Have you ever unknowingly opened and responded to a phishing email or fallen victim to a phishing attack? A recent report by Frost & Sullivan titled “You’ve Been Phished, Again! Solution: Eliminate the Click-It Temptation,” discussed just how susceptible we all are to these fraudulent attacks and what can be done to avoid them. How Do P
Publish At:2017-09-12 13:50 | Read:143 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Cognitive Secu

Brazilian Malware Client Maximus: Maximizing the Mayhem

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an
Publish At:2017-09-12 13:50 | Read:144 | Comments:0 | Tags:Fraud Protection Malware Threat Intelligence Advanced Threat

Crooks leverage Facebook CDN servers to bypass security solutions

Crooks are abusing Facebook CDN servers to deliver malware and evading detection exploiting the trust in the CDN network of the social networking giant. Crooks are abusing Facebook CDN (Content Delivery Network) servers to store malware and to deliver it evading detection exploiting the trust in the CDN network of the social network giant. Researchers from M
Publish At:2017-09-11 01:35 | Read:199 | Comments:0 | Tags:Breaking News Cyber Crime Malware Facebook CDN Hacking malwa

EMOTET Returns, Starts Spreading via Spam Botnet

We first detected the banking malware EMOTET back in 2014, we looked into the banking malware’s routines and behaviors and took note of its information stealing abilities via network sniffing. After a period of relative inactivity, it appears it’s making a comeback with increased activity from new variants (Detected by Trend Micro as TSPY_EMOTET.AUSJLA
Publish At:2017-09-07 22:45 | Read:207 | Comments:0 | Tags:Botnets Malware botnet EMOTET Trojan

Dragonfly 2.0: the sophisticated attack group is back with destructive purposes

While the first Dragonfly campaigns appear to have been a more reconnaissance phase, the Dragonfly 2.0 campaign seems to have destructive purposes. Symantec has spotted a new wave of cyber attacks against firms in the energy sector powered by the notorious Dragonfly group. The Dragonfly group, also known as Energetic Bear, has been active since at least 2011
Publish At:2017-09-07 16:19 | Read:189 | Comments:0 | Tags:APT Breaking News Hacking critical infrastructure Dragonfly

