HackDig : Dig high-quality web security articles for hackers

Pawn Storm Abuses Open Authentication in Advanced Social Engineering Attacks

Pawn Storm is an active and aggressive espionage actor group that has been operating since 2004. The group uses different methods and strategies to gain information from their targets, which are covered in our latest research. However, they are particularly known for dangerous credential phishing campaigns. In 2016, the group set up aggressive credential phi
Publish At:2017-04-25 19:50 | Read:5056 | Comments:0 | Tags:Targeted Attacks OAuth Pawn Storm

BitDefender found the first MAC OS version of the X-Agent used by the APT28

Security experts at Bitdefender discovered a MAC OS version of the X-Agent malware used by the Russian APT28 cyberespionage group. Security experts at BitDefender have discovered a MAC OS malware program that’s likely part of the arsenal of the dreaded Russian APT 28 group (aka Pawn Storm, Sednit, Sofacy, Fancy Bear and Tsar Team). The Russian nation-s
Publish At:2017-02-15 05:05 | Read:5687 | Comments:0 | Tags:APT Breaking News Cyber warfare Intelligence Malware APT 28

How Cyber Propaganda Influenced Politics in 2016

Throughout history, politically motivated threat actors have been interested in changing the public opinion to reach their goals. In recent years the popularity of the Internet gave these threat actors new tools. Not only do they make use of social media to spin the news, spread rumors and fake news, but they also actively hack into political organizations.
Publish At:2017-01-12 16:40 | Read:5392 | Comments:0 | Tags:Social Targeted Attacks cyber propaganda Pawn Storm

Pawn Storm Ramps Up Spear-phishing Before Zero-Days Get Patched

by Feike Hacquebord and Stephen Hilt  The effectiveness of a zero-day quickly deteriorates as an attack tool after it gets discovered and patched by the affected software vendors. Within the time between the discovery of the vulnerability and the release of the fix, a bad actor might try to get the most out of his previously valuable attack assets. This is e
Publish At:2016-11-19 12:05 | Read:4573 | Comments:0 | Tags:Exploits Targeted Attacks Vulnerabilities Adobe zero-day exp

The Reincarnation of a Bulletproof Hoster

In April 2016, security firm Trend Micro published a damning report about a Web hosting provider referred to only as a “cyber-attack facilitator in the Netherlands.” If the Trend analysis lacked any real punch that might have been because — shortly after the report was published — names were redacted so that it was no longer immediate
Publish At:2016-08-03 23:10 | Read:7466 | Comments:0 | Tags:A Little Sunshine Breadcrumbs botland@masrawy.com connectpow

Clinton campaign servers were accessed as part of DNC hack

Media outlet continues to publish news regarding the DNC hack, computer servers used by Clinton campaign were compromised as part of DNC hack. The news of the recent Democratic National Convention (DNC) hack is monopolizing the technological debate around the US presidential campaign. Yesterday I reported the news of another hack against the operation of the
Publish At:2016-07-31 13:45 | Read:4739 | Comments:0 | Tags:Breaking News Hacking Intelligence APT28 Clinton Fancy Bear

Pawn Storm APT group targets thousands Google Accounts

Russian cyber spies belonging to the Pawn Storm APT group have targeted a significant number of Google accounts belonging to individuals worldwide. The Pawn Storm APT group is once again in the headlines, this time the hackers targeted a significant number of Google accounts belonging to individuals in Russia, former Soviet Union countries, the United States
Publish At:2016-06-29 13:30 | Read:4438 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Intelligence Christian D

Linux Fysbis Trojan, a new weapon in the Pawn Storm’s arsenal

Malware researchers at PaloAlto discovered the Fysbis Trojan, a simple and an effective Linux threat used by the Russian cyberspy group Pawn Storm. Do you remember the Pawn Storm hacking crew? Security experts have identified this group of Russian hackers with several names, including APT28, Sofacy or Sednit, it has been active since at least 2007. The name 
Publish At:2016-02-18 02:50 | Read:4153 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Intelligence Malware APT

3Q 2015 Security Roundup: Current Threats Forecast Impending Attack Scenarios

When experts call on people to brace for disaster, it’s always based on signs that point to impending events. This quarter, we saw numerous signposts pointing to hazards to sensitive data that could lead to damages to individuals’ personal lives and organizations’ operations. The high-profile breaches, vulnerability exploits, and other attacks we saw this pa
Publish At:2015-11-17 16:35 | Read:4873 | Comments:0 | Tags:Exploits Mobile Targeted Attacks Vulnerabilities android ash

Angler and Nuclear Exploit Kits Integrate Pawn Storm Flash Exploit

When it comes to exploit kits, it’s all about the timing. Exploit kits often integrate new or zero-day exploits in the hopes of getting a larger number of victims with systems that may not be as up-to-date with their patches. We found two vulnerabilities that were now being targeted by exploit kits, with one being the recent Pawn Storm Flash zero-day. Starti
Publish At:2015-11-04 04:30 | Read:4820 | Comments:0 | Tags:Vulnerabilities adobe flash Angler Exploit Kit Exploit explo

Pawn Storm APT targets MH17 crash investigation

The Pawn Storm APT group set up rogue VPN and SFTP servers to target Dutch Safety Board employees involved in the MH17 crash investigation. July 17, 2014, the Flight MH17, traveling from Amsterdam to Kuala Lumpur, was shot down by a missile in mysterious circumstances. The Flight MH17 was flying over a conflict zone in eastern
Publish At:2015-10-23 16:20 | Read:4057 | Comments:0 | Tags:Breaking News Cyber Crime Cyber warfare Intelligence APT cyb

Pawn Storm Targets MH17 Investigation Team

Pawn Storm has a long history of targeting government agencies and private organizations to steal sensitive information. Our most recent findings show that they targeted the international investigation team of the MH17 plane crash from different sides. The Dutch Safety Board (known as Onderzoeksraad) became a target of the cyber-espionage group before and af
Publish At:2015-10-23 04:20 | Read:4254 | Comments:0 | Tags:Targeted Attacks APT mh17 Pawn Storm Syria Targeted Attack

New Headaches: How The Pawn Storm Zero-Day Evaded Java’s Click-to-Play Protection

Several months ago, we disclosed that Pawn Storm was using a then-undiscovered zero-day Java vulnerability (CVE-2015-2590) to carry out its attacks. At the time, we noted that a separate vulnerability was used to bypass the click-to-play protection that is in use by Java. This second vulnerability (CVE-2015-4902)  has now been patched by Oracle as part of it
Publish At:2015-10-20 22:20 | Read:5239 | Comments:1 | Tags:Vulnerabilities Click-to-Play CVE-2015-4902 Java Naming and

Flash Player Zero-Day Patched by Adobe Ahead of Schedule

Adobe has released patches for multiple vulnerabilities in its Flash Player application ahead of schedule, including a zero-day exploit (CVE-2015-7645) that is known to have been used in a targeted espionage campaign.On Friday, the United States Computer Emergency Readiness Team (US-CERT) issued a statement directing users to ASPB15-27, Adobe’s latest
Publish At:2015-10-19 20:30 | Read:3670 | Comments:0 | Tags:Latest Security News Adobe Flash Player Google Project Zero

Emergency Adobe Flash Update Coming Next Week

The latest version of Adobe Flash Player, which was made available on Tuesday, will have a short shelf life.Adobe will release an emergency Flash update next week after public attacks were carried out against a zero day vulnerability in the latest version of the software,, for Windows and Macintosh systems. Adobe said only that the Flash update
Publish At:2015-10-16 03:35 | Read:3709 | Comments:0 | Tags:Vulnerabilities Web Security adobe adobe flash Adobe Flash s


Tag Cloud