HackDig : Dig high-quality web security articles for hacker

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details require
Publish At:2017-10-21 15:05 | Read:981 | Comments:0 | Tags:Featured Research Adobe APT Microsoft Word Vulnerabilities a

A simple example of a complex cyberattack

We’re already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious campaign that we detected a while ago – we named it ‘M
Publish At:2017-09-26 14:25 | Read:1004 | Comments:0 | Tags:Research DLL hijacking Dropper Microsoft Word Social Enginee

An (un)documented Word feature abused by attackers

A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content. However, a close inspection revealed that they contained several links to PHP
Publish At:2017-09-18 17:05 | Read:1297 | Comments:0 | Tags:Featured Research Microsoft Word Targeted Attacks Vulnerabil

When All Else Fails in Cybersecurity, Application Isolation Does Not

We hear about cybersecurity fails all the time. We’re happy to tell you it doesn’t have to be that way. Application isolation and containment based on virtualization is delivering results. The NSA has called out this strategy as the way forward for stopping advanced threats. To many technology folks, Application Isolation may be a new term when
Publish At:2017-07-26 12:05 | Read:1221 | Comments:0 | Tags:Threats application isolation control demo government Isolat

Breach at DocuSign Led to Targeted Email Malware Campaign

DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems. The company stresses that the data stolen was limited to customer and user email addresses, but the incident is especially dangerou
Publish At:2017-05-16 17:55 | Read:1776 | Comments:0 | Tags:Other DocuSign breach DocuSign phishing macro exploit Micros

Dyre Botnet Using Malicious Microsoft Word Macros

The Dyre group, a major malware spam producer, has changed their initial malware dropper to utilize Microsoft Word document macros instead of the usual executable types, such as .exe files contained in a .zip. Dyre’s Hedsen spambot, responsible for the bulk of Upatre emails we’ve been tracking, now uses a template to send infected-macro Word files as s
Publish At:2015-06-09 06:40 | Read:1998 | Comments:0 | Tags:Featured ThreatTrack Security Labs botnet Dyre macro microso

Your Tax Refund with a Data Kidnapping Twist!

Oh, how procrastination gets all of us! April 15th is the U.S. tax deadline and it looks like most of us will be coming down to the wire on declaring our taxes and holding our collective breath in expectation of that sweet, sweet refund. Sadly, our malware writing friends are aware of this and their discipline has proven far superior. Knowing that many are o
Publish At:2015-04-14 09:11 | Read:1961 | Comments:0 | Tags:Blog Research Malicious spam Microsoft Word Ransomware Socia

Don't Feel Left Out: Ransomware for IT Security Enthusiasts!

Macros are so hot right now It's getting dark outside and our favorite mail client beeps with excitement for a new missive in our inbox, something interesting perhaps? A rapid glimpse at the contents of the message should indicate that a malicious campaign will play the starring role in what follows. An included attachment reveals itself as a malicious
Publish At:2015-04-07 17:00 | Read:1603 | Comments:0 | Tags:Blog Research Macros Malicious spam Malware Technologies Mic

Beware the “Insert and Link” Feature in Microsoft Office

Throughout course of my monitoring future and possible targeted attacks, I recently chanced upon a spear-phishing email sent to an undisclosed recipient that contains three seemingly harmless documents. I was curious about the attached documents so I first checked the one titled AlSajana Youth Center financial Report.docx. The so-called financial report turn
Publish At:2015-03-18 21:35 | Read:1396 | Comments:0 | Tags:Malware Microsoft Office Microsoft Word

Obfuscated malicious office documents adopted by cybercriminals around the world

After going out of fashion for a number of years, malicious macros inside Office files have recently experienced a revival. And why not, especially if they are a lot cheaper than exploits and capable of doing the same job? Yes, that's right, cybercriminals are busily recycling this old technique, introducing new obfuscation forms to make it more effective. L
Publish At:2014-08-10 13:33 | Read:3071 | Comments:0 | Tags:Blog Research Banker Base64 Email Excel Macro Microsoft Word

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud