HackDig : Dig high-quality web security articles

Nuclear missile contractor hacked in Maze ransomware attack

byLisa VaasThe US is protected by what’s known as a nuclear triad: a three-pronged attack force that consists of land-launched nuclear missiles, nuclear missiles on submarines, and aircraft equipped with nuclear bombs and missiles.One of the triad’s legs – the land-based LGM-30 Minuteman intercontinental ballistic missile (ICBM) – has
Publish At:2020-06-04 08:45 | Read:1396 | Comments:0 | Tags:Data loss Government security Ransomware Security threats ba

What is NEI 08-09?

Most organizations with industrial control systems (ICS) fall into one of two categories: regulated and non-regulated. For those subject to government imposed regulatory requirements, the selection of a cybersecurity framework is obviously compelling. Such is the case with the nuclear energy industry and NEI 08-09.The nuclear energy industry is one of the sa
Publish At:2019-10-18 10:10 | Read:1848 | Comments:0 | Tags:ICS Security Regulatory Compliance ics NEI 08-09 nuclear

Hackers Stole Data and Personal Information from Nuclear Research Center

Hackers stole nuclear research data and personal information off of a computer at the University of Toyama’s Hydrogen Isotope Research Center.According to university officials, the hackers posed as a Tokyo university student to deliver a malware-laden document to a teaching member at the center, which conducts research on hydrogen, deuterium, and tritium for
Publish At:2016-10-18 17:25 | Read:4439 | Comments:0 | Tags:Latest Security News data exfiltration hackers IAEA nuclear

Targeted Attack Caused “Disruption” at Nuclear Plant, Confirms IAEA Chief

The chief of the International Atomic Energy Agency (IAEA) has confirmed a targeted attack caused “some disruption” at a nuclear power plant.Yukiya Amano, director of the IAEA, said the attack was not destructive, a term which some have used to describe the 2014 Sony hack because actors destroyed corporate data and denied employees access to some
Publish At:2016-10-12 14:25 | Read:4826 | Comments:0 | Tags:Latest Security News BlackEnergy IAEA malware nuclear risk

Former TVA manager admits China paid him for nuclear secrets

A Tennessee Valley Authority senior manager, with access to sensitive information about nuclear development and production admits China paid him for secrets The People’s Republic of China (PRC) has been conducting military and commercial espionage for quite some time against the United States, as well as other countries, in an attempt to capture sensitive in
Publish At:2016-05-03 11:50 | Read:8076 | Comments:0 | Tags:Breaking News Intelligence Security China Espionage Nuclear

“Nuclear” exploit kit service cashes in on demand from cryptoransomware rings

Security researchers at Cisco Talos and Check Point have published reports detailing the inner workings of Nuclear, an "exploit kit" Web service that deployed malware onto victims' computers through malicious websites. While a significant percentage of Nuclear's infrastructure has been recently disrupted, the exploit kit is still operating—and looks to be a
Publish At:2016-04-22 16:25 | Read:6291 | Comments:0 | Tags:Risk Assessment Technology Lab DigitalOcean exploit kits nuc

Gate To Nuclear EK Uses Fake CloudFlare DDoS Check

There has been a lot of talk about Nuclear EK recently, following Sucuri’s discovery about a large number of WordPress sites getting compromised to redirect to the exploit infrastructure. Here is another interesting spin: a Nuclear EK gate using a decoy CloudFlare DDoS check page while instead loading a malicious redirection that ultimately triggers th
Publish At:2016-02-08 18:15 | Read:5347 | Comments:0 | Tags:ExploitKits EK exploit fake Nuclear wordpress Cloud DDOS

Mysterious spike in WordPress hacks silently delivers ransomware to visitors

It's still not clear how, but a disproportionately large number of websites that run on the WordPress content management system are being hacked to deliver crypto ransomware and other malicious software to unwitting end users.In the past four days, researchers from three separate security firms have reported that a large number of legitimate WordPress sites
Publish At:2016-02-05 03:25 | Read:7431 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab exploits malwa

Angler Exploit Kit Spreading Cryptowall 4.0 Ransomware

As expected, it didn’t take long for one of the most popular exploit kits, Angler, to start spreading the latest iteration of Cryptowall ransomware.A drive-by campaign that uses a one-two punch to drop Cryptowall 4.0 has been observed in the wild this week, according to researchers at Heimdal Security. First, the password stealing malware Pony is dro
Publish At:2015-12-03 05:35 | Read:4313 | Comments:0 | Tags:Malware Ransomware angler Cryptowall Cryptowall 4.0 exploit

Official Premier League Fantasy Website Pushes Malvertising

Soccer, or rather football aficionados in the UK may have had their computers infected whilst browsing the Premier League’s official fantasy website fantasy.premierleague.com. A malicious advert displayed on the sports portal which draws in over 16 million visitors per month according to SimilarWeb automatically redirected unsuspecting soccer fans to t
Publish At:2015-11-11 03:00 | Read:5440 | Comments:0 | Tags:Malvertising exploit exploit kit malvertising Nuclear

Recent Flash Zero-Day Now Part of Exploit Kits

The Adobe Flash Player continues to be the favourite browser plugin threat actors have been focusing on this year. The recent zero-day exploit that was used in targeted attacks is now part of mainstream exploit kits. Angler EK and Nuclear EK now include the latest CVE-2015-7645 which was patched by Adobe on October 16. This vulnerability affects Adobe Flash
Publish At:2015-10-30 21:00 | Read:4524 | Comments:0 | Tags:Exploits angler Flash Player Nuclear zero day exploit

Double Dipping: Nuclear exploit, fake BSOD, support scams

Double Dipping: Nuclear exploit, fake BSOD, support scams Posted by David Harley on July 31, 2015.Support scam articles are like buses: there’s nothing happening for months, then there are half a dozen at once. I’ve already mentioned in several places a burst of issues rela
Publish At:2015-07-31 17:20 | Read:6037 | Comments:0 | Tags:David Harley BSOD malwarebytes Nuclear support scams Virus B

Hacking Team Flash Zero-Day Integrated Into Exploit Kits

Feedback from the Trend Micro™ Smart Protection Network™ has allowed us to learn that the Angler Exploit Kit and Nuclear Exploit Pack have been updated to include the recent Hacking Team Flash zero-day. In addition, Kafeine said, Neutrino Exploit Kit also has included this zero-day. The existence of this particular vulnerability was just leaked from Hacking
Publish At:2015-07-08 09:05 | Read:4933 | Comments:0 | Tags:Exploits Malware Vulnerabilities adobe flash Angler exploit

Why Adobe issued the Out-of-Band Flash Player Update for CVE-2014-8439?

Adobe has released yesterday an out-of-band update to fix a critical remote code-execution vulnerability CVE-2014-8439 in Flash Player that is being exploited in the wild. Adobe has released an emergency patch to patch a critical remote code-execution vulnerability (CVE-2104-8439) affecting Flash Player that was already fixed
Publish At:2014-11-26 09:30 | Read:6217 | Comments:0 | Tags:Security Adobe Angler CVE-2014-8439 Cybercrime Exploit kits

Box.php Fraud Kit

I’ve been researching that fake Adobe Flash update and Neutrino EK redirect that other fine researchers have been writing about: blog.spiderlabs.com/2014/01/beware-bats-hide-in-your-jquery-.html blog.sucuri.net/2014/01/website-mesh-networks-distributing-malware.html www.f-secure.com/weblog/archives/00002659.html blog.malwarebytes.org/online-security/20
Publish At:2014-08-10 15:11 | Read:7788 | Comments:0 | Tags:Exploit Packs Malscript fraud neutrino nuclear social engine

Tag Cloud