HackDig : Dig high-quality web security articles

Why E-Commerce Security Matters Now More Than Ever

In February 2020, the world’s biggest retailer, Amazon, fended off the largest distributed denial of service (DDoS) attack in history. As peak traffic volume hit 2.3 Tbps, e-commerce security experts declared this attack as “a warning we should not ignore.”  DDoS attacks are nothing new. Every day, security teams deal with these malic
Publish At:2021-04-07 19:25 | Read:130 | Comments:0 | Tags:Retail E-commerce E-commerce Transactions Online Security On

A Week in Security (Mar 13 – Mar 19)

Last week, we touched on a 419 scam, modding on games (in general), a much talked about iCloud scam that “may be worse than ransomware”—not to mention a number of threats targeting Apple users—and a Steam scam. Senior security researcher Jérôme Segura had once again unearthed a couple of malvertising campaigns. First, Segura revealed another roun
Publish At:2016-03-21 23:55 | Read:4503 | Comments:0 | Tags:Online Security recap weekly blog roundup

“Your Android is Expired!”

We’ve seen reports of a dubious URL being served up via mobile advertising over the last day or two. This is certainly the kitchen-sink approach to making a URL look as “legit” as possible: paly(dot)google(dot)com(dot)store(dot)apps(dot)siteadvisor(dot)club/5MBivfkif2mmhxluoImYurMuwz/pl/ The first part is supposed to look like the Play Stor
Publish At:2016-03-21 23:55 | Read:4633 | Comments:0 | Tags:Online Security advert advertising Mobile spam

TopFlix: a DNS Unlocker variant

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2016-03-18 05:05 | Read:6658 | Comments:0 | Tags:Online Security bundle wrapper dns hijacker Malwarebytes one

More Fake iPhone Discount News Sites Spotted

We thought we’ve seen the last of the iPhone 6-type scams in 2015. Nothing can be further from the truth. Recently, a fake news piece sporting the all-too-familiar design supposedly belonging to the BBC News is making rounds online, spreading the false word that Apple is now reducing their inventory—specifically, by selling scores of iPhone 6S units for £1 a
Publish At:2016-03-17 10:55 | Read:5651 | Comments:0 | Tags:Online Security fake iphone fake news gamification iPhone

Minecraft, Modding and You

Have your children lost entire jam sandwiches down the back of the sofa? Is your cat sick of water pistols? Do they download all the things? We can’t do much about the first two, but that last one is most definitely something we can assist you with. Minecraft is absolutely huge where children are concerned, and for many its their first introduction int
Publish At:2016-03-15 22:35 | Read:6885 | Comments:0 | Tags:Online Security games gaming minecraft modding

A Week in Security (Mar 06 – Mar 12)

Last week, our resident Mac expert Thomas Reed commented on KeRanger, the first ransomware targeting the OSX platform. We also found the “least visually convincing” 419 spam mail to date. In addition, we took apart Cerber, a new Ransomware-as-a-Service (RaaS) that others believe originated from the Russian underground. When it comes to RaaS, affi
Publish At:2016-03-15 04:25 | Read:4996 | Comments:0 | Tags:Online Security recap weekly blog roundup

Windows AppLocker: An Introduction

Windows AppLocker is a feature that was introduced in Windows 7 and Windows Server 2008 R2 as a means to limit the use of unwanted applications. AppLocker provides administrators with the ability to specify which users can run specific applications. AppLocker was designed to replace the Software Restriction Policies feature. It is considered a potentially po
Publish At:2016-03-11 09:50 | Read:6260 | Comments:0 | Tags:Online Security applocker blacklist exception Pieter Arntz r

A Week in Security (Feb 28 – Mar 05)

Last week, we touched on a Facebook video spam, a fake Google Docs phishing site, and a technical yet comprehensive (at least to those who know coding) tut on how to deobfuscate malicious VBScript files. When the ransomware variant known as Locky began to make headlines, malware analyst Hasherezade dissected several samples and explained their behaviour in t
Publish At:2016-03-08 09:30 | Read:5973 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Feb 14 – Feb 20)

Last week, we proudly revealed a number of brand new stuff from Malwarebytes: an enterprise solution, logo, and website. Heck, this blog was even renamed to Malwarebytes Labs. Do check out that post by our CEO Marcin Kleczynski for more details. We also talked about doxing—what it is and why it is illegal—and how one can protect themselves from it; revealed
Publish At:2016-02-23 01:55 | Read:5861 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Feb 07 – Feb 13)

  It’s time for our weekly roundup of all things Infosec! On the blog, we covered Safer Internet Day and then followed up with a very unsafe Internet, in the form of DMA Locker Ransomware. We took a look at a reasonably rare example of Airbnb phishing, and also explained how you can do your best to steer clear of PUPs. We finished things off with
Publish At:2016-02-17 01:15 | Read:4481 | Comments:0 | Tags:Online Security recap weekly blog roundup

Explained: Doxing

Definition of Doxing (sometimes written as doxxing): gathering identifiable information about a person or a group of people with the objective to shame, scare, blackmail or bully the target. What is it? The technique as such was already known in the 1990’s when Usenet users researched and posted the real names belonging to online handles that they had an arg
Publish At:2016-02-15 13:00 | Read:5635 | Comments:0 | Tags:Online Security domain privacy dox doxbin doxing doxxing hav

Play Your Part for a Better Internet

Today is the 12th Safer Internet Day (SID). Is this the first time you’ve heard about SID? No worries. The video below will brief you on what it’s all about, focusing on this year’s theme “Play Your Part for a Better Internet”. More Than an Invitation, It’s a Challenge In 2015, Insafe, the organization behind the SID global campaign, came up with the
Publish At:2016-02-09 12:20 | Read:5654 | Comments:0 | Tags:Online Security child security online cyberethics internet s

A Week in Security (Jan 31 – Feb 6)

It’s Monday, which means we have a roundup! Over the past week on Malwarebytes Unpacked, we’ve moved from a vulnerability disclosure and launch of a bug bounty program to a new form of Ransomware called DMA Locker. Nuclear Exploit Kit returned to cause problems with a large WordPress compromise campaign, and we weighed in on a problematic situati
Publish At:2016-02-08 18:15 | Read:5610 | Comments:0 | Tags:Online Security recap weekly blog roundup

Rogue Google Chrome Extension Spies On You

The popular Google Chrome browser has some of the best security tools baked in with features such as Safebrowsing which protects users from malicious websites. By extension, ChromeOS which powers the affordable Chromebooks is indeed one of the safest systems one can get these days. Even though the surface of attack is smaller than that of a typical Windows P
Publish At:2016-01-26 22:50 | Read:4940 | Comments:0 | Tags:Online Security browser chrome extension Google