HackDig : Dig high-quality web security articles for hacker

APT28 group is rushing to exploit recent CVE-2017-11292 Flash 0-Day before users apply the patches

The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed
Publish At:2017-10-23 00:30 | Read:2771 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Adobe Flash CVE-2017

URSNIF spam campaign exposes new macro evasion tactics

Trend Micro recently observed a new campaign leveraging the Ursnif banking Trojan that uses new malicious macro tactics for payload delivery and detection evasion. Researchers at Trend Micro have recently spotted a new campaign leveraging the Ursnif banking Trojan featuring new malicious macro tactics for payload delivery. Malicious macros are widely adopted by crook
Publish At:2017-10-22 06:06 | Read:1859 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime macros

A new Mirai-Like IoT Botnet is growing in a new mysterious campaign

Malware researchers at Check Point have uncovered a new massive IoT botnet that presents many similarities with the dreaded Mirai. The new botnet emerged at the end of September and appears much more sophisticated; according to the experts, the malware has already infected more than one million organizations worldwide. The malicious code tries to exploit many
Publish At:2017-10-22 06:05 | Read:1479 | Comments:0 | Tags:Breaking News Hacking Internet of Things Malware Cybercrime

Necurs botnet now spreading the Locky Ransomware via DDE Attacks

Operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection, leveraging the DDE protocol. Security experts are continuing to observe the Locky ransomware spreading via spam campaigns that rely on the Necurs botnet. Now operators behind Locky ransomware campaigns have switched to new attack techniques to evade detectio
Publish At:2017-10-22 06:05 | Read:1237 | Comments:0 | Tags:Breaking News Malware botnet DDE attack Hacking Locky Ransom

Assemblyline – Canada’s CSE intelligence Agency releases its malware analysis tool

Canada’s Communications Security Establishment (CSE) intel agency has released the source code for one of its malware analysis tools, dubbed Assemblyline. Canada’s Communications Security Establishment (CSE) intelligence agency has released the source code for one of its malware detection and analysis tools, dubbed Assemblyline. The Assemblyline tool is wr
Publish At:2017-10-22 06:05 | Read:2289 | Comments:0 | Tags:Breaking News Hacking Intelligence Malware Assemblyline Cana

Proton malware spreading through supply-chain attack, victims should wipe their Macs

The dreaded Proton malware was spreading through a new supply-chain attack involving the Elmedia apps; victims should wipe their Macs. Bad news for Mac users: a new malware is threatening them with a complete system wipe and reinstall. Crooks are distributing the malware in legitimate applications, the popular Elmedia Player and the download manager Folx develo
Publish At:2017-10-22 06:05 | Read:1059 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking Mac mal

Diving Into Zberp’s Unconventional Process Injection Technique

IBM X-Force Research recently discovered a small-scale malware campaign involving a Neutrino bot, aka Kasidet, dropping a payload that contains two Zeus malware breeds: Atmos and Zberp. Both of these codes are based on the leaked source code of the Zeus V2 banking Trojan that was exposed publicly in 2011. The Zberp Trojan, which is a subvariant of ZeusVM mix
Publish At:2017-10-22 05:01 | Read:2962 | Comments:0 | Tags:Malware X-Force Research Banking Trojan Carberp Carberp sour

New Malicious Macro Evasion Tactics Exposed in URSNIF Spam Mail

by John Anthony Bañes Malicious macros are commonly used to deliver malware payloads to victims, usually by coercing victims into enabling the macro sent via spam email. The macro then executes a PowerShell script to download ransomware or some other malware. Just this September EMOTET, an older banking malware, leveraged this method in a campaign that saw i
Publish At:2017-10-21 18:05 | Read:1696 | Comments:0 | Tags:Malware macro sandbox Spam

A Cybersecurity Proof: The Application is the Endpoint

Vulnerable applications and browsers are the persistent data breach entry points; it’s not about the files. Isolation is the only solution that can absolutely eliminate kernel-level exploits and malware escapes. It’s time to rethink information security defense around fewer, smarter, yet more effective layers. You have many more endpoints than you think. How m
Publish At:2017-10-21 16:25 | Read:1769 | Comments:0 | Tags:Threats access points application attack vector endpoint End

Russian spies pilfered data from NSA Contractor’s home PC running a Kaspersky AV

Russian hackers allegedly exploited Kaspersky AV to hack into an NSA contractor’s PC and steal NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious c
Publish At:2017-10-06 11:30 | Read:1549 | Comments:0 | Tags:Breaking News Hacking Intelligence Malware antivirus cyber e

SYSCON Backdoor Uses FTP as a C&C Channel

By Jaromir Horejsi (Threat Researcher) Bots can use various methods to establish a line of communication between themselves and their command-and-control (C&C) server. Usually, these are done via HTTP or other TCP/IP connections. However, we recently encountered a botnet that uses a more unusual method: an FTP server that, in effect, acts as a C&C se
Publish At:2017-10-05 23:30 | Read:2642 | Comments:0 | Tags:Malware backdoor FTP SYSCON

CSE CybSec ZLAB Malware Analysis Report: APT28 Hospitality malware

The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks last July against travelers staying in hotels in Europe and the Middle East. This attack is performed
Publish At:2017-10-05 17:05 | Read:1666 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware APT28 cyber espionag

Experts discovered a SYSCON Backdoor using FTP Server as C&C

Security researchers with Trend Micro discovered a backdoor dubbed SYSCON that uses an FTP server for command and control (C&C) purposes. The SYSCON backdoor is spreading through tainted documents that refer to North Korea and target individuals connected to the Red Cross and the World Health Organization. The use of an FTP server as C&C is uncommon fo
Publish At:2017-10-05 17:05 | Read:2997 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware backdoor botnet Cy

Intezer researchers link CCleaner hack to Chinese APT17 hackers

Researchers from security firm Intezer speculate that the attack was powered by a nation-state actor, likely the Chinese APT17 group. Security experts continue to investigate the recent attack against the supply chain of the popular software CCleaner. The hackers first compromised a CCleaner server in July, then exploited it to deliver a backdoored version of
Publish At:2017-10-04 22:40 | Read:2606 | Comments:0 | Tags:APT Breaking News Hacking Malware APT17 CCleaner version 5.3

POS Malware Breach Sees Payment Cards Hit Underground Shops

News about POS malware breaches affecting two retailers hit the headlines last week, this time featuring a fast-food restaurant chain in the U.S. that operates around 3,500 locations across the country, most of which are franchised, and a popular supermarket. Both entities, like others before them, were notified of suspicious activity by a third-party servic
Publish At:2017-10-04 03:05 | Read:3511 | Comments:0 | Tags:Data Protection Fraud Protection Malware Retail Threat Intel
