HackDig : Dig high-quality web security articles for hacker

Spam and phishing in Q2 2017

Spam: quarterly highlights Delivery service Trojans At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The usual trick of present
Publish At:2017-08-22 09:10 | Read:118 | Comments:0 | Tags:Featured Quarterly Spam Reports Malicious spam Malware Descr

Who’s Blocked by Bad Guys?

Just a quick post about an interesting file found in a phishing kit. Bad guys use common techniques to prevent crawlers, scanners or security companies from accessing their pages. Usually, they deploy a .htaccess file to achieve this. Today, I found a phishing kit related to a bank (ANZ) with such protection. But, in this case, the attackers took the time to
Publish At:2017-08-22 00:10 | Read:39 | Comments:0 | Tags:Security htAccess Phishing

All in a Spammer’s Workweek: Where Do the Busiest Spammers Work Around the Clock?

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data
Publish At:2017-08-21 15:05 | Read:65 | Comments:0 | Tags:Advanced Threats Fraud Protection Threat Intelligence IBM X-

Cyber Criminals Hijack Chrome Extensions and put 4.7 Million Users at Risk

Developer accounts of popular chrome extensions being hijacked by cyber criminals, over 4.7 million users are at a risk of cyber attack. Over 4.7 million users could be at risk after being exposed to malicious adverts and credentials theft due to developer accounts of popular chrome extensions being hijacked by cyber criminals. A phishing campaign run by Cyb
Publish At:2017-08-17 20:05 | Read:58 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Chrome extensions Cybercri

Protecting Against Spam and Phishing Attacks With a Layered Approach to Email Security

Layered schemes are used in most information security strategies, and it is essential to establish a similar approach to protecting the organization from unwanted email. In fact, spam and phishing are some of the biggest problems IT security managers face today. According to LinkedIn’s “2017 Cybersecurity Trends Report,” phishing attacks ar
Publish At:2017-08-17 19:00 | Read:158 | Comments:0 | Tags:Fraud Protection Risk Management Email Fraud Prevention Phis

Google adds Anti-Phishing feature also to Gmail app for iOS

To fight phishing attacks, Google has introduced a security measure for its Gmail app for iOS that will help users identify and delete phishing emails. Phishing continues to be one of the most dangerous threats, crooks continue to devise new techniques to trick victims into providing sensitive information. The technique is still the privileged attack vector
Publish At:2017-08-15 15:40 | Read:192 | Comments:0 | Tags:Breaking News Mobile Security Cybercrime Gmail Gmail app for

Top 10 Email Subjects for Company Phishing Attacks

George is in his office responding to his morning emails when he notices an unusual message. The subject is concise: “Security Alert”. Obviously, he wants to know what’s going on. He opens it, reads the first paragraph to see what the problem is, then clicks the link ostensibly taking him to the company page where he will have to confirm his data
Publish At:2017-08-14 09:20 | Read:187 | Comments:0 | Tags:Security b2b Phishing

SecurityIQ Product Update: August 2017

This week’s SecurityIQ feature release includes several exciting new capabilities for improved functionality. Updates include data-housing capabilities for European clients, improved reporting tools and simplified language preference management. Read on for complete release details. Download the complete SecurityIQ features overview.Increased Learner-P
Publish At:2017-08-10 01:50 | Read:92 | Comments:0 | Tags:Phishing Security Awareness

How HTML Attachments and Phishing Are Used In BEC Attacks

Traditionally, BEC attacks have used keyloggers to steal saved account information from target machines. However, using an executable file for the attachment usually flags a user not to click them as there is a high chance that the file is malicious. As a result, we’ve seen a trend wherein the attached files are no longer executable files but HTML pages: Fi
Publish At:2017-07-27 16:35 | Read:161 | Comments:0 | Tags:Social Targeted Attacks BEC HTML attachments phishing

Protecting your email against phishing attacks

How can you protect yourself against phishing? Email is one of the most popular ways people stay in touch, for both at work and at home. One report found that there were 205 billion emails sent every day in 2015 – and this is expected to rise to 246 billion by 2019. Much of our day-to-day business is conducted online now – take banking for instance. Many ban
Publish At:2017-07-19 18:55 | Read:164 | Comments:0 | Tags:Mobile News Security cybersecurity Phishing

SMS Phishing induces victims to photograph its own token card

Renato Marinho detailed an unusual SMS phishing campaign that hit Brazilian users. All started with an SMS message supposedly sent from his bank. Introduction Today I faced quite an unusual SMS phishing campaign here in Brazil. A friend of mine received an SMS message supposedly sent from his bank asking him to update his registration data through the given
Publish At:2017-07-17 20:20 | Read:309 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking phishing SMS Ph

Did you receive a WhatsApp subscription ending email or text? Watch out!

Did you receive a WhatsApp subscription ending email or text? Watch out! It is a scam to steal your payment and personal data. Researcher Graham Cluley is warning of bogus ‘WhatsApp subscription ending’ emails and texts. Internet users are receiving an email pretending to be from WhatsApp and warning them of the ending for an alleged WhatsApp subscription. A
Publish At:2017-07-17 01:55 | Read:184 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime phishing phshin

Hackshit PhaaS platform, even more easy to power Phishing campaigns

The experts from Netskope Threat Research Labs discovered the Hackshit PhaaS platform, another interesting case of crimeware-as-a-service. A few days ago, we discussed the Katyusha scanner,a powerful and fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future that was available for $500 in the cyber crime undergr
Publish At:2017-07-16 07:30 | Read:371 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Uncategorized crimeware-as

Outsider or Insider: Who Will Cause Today’s Data Breach?

In today’s cybercrime landscape, threats come not only from all sides, but also from within. In its annual Threat Intelligence Index, IBM X-Force called 2016 the “year of the mega breach.” As threat actors become more sophisticated, enterprises must deal with outsiders who target corporate networks to steal product, client and customer data
Publish At:2017-07-12 10:20 | Read:230 | Comments:0 | Tags:Data Protection Identity & Access Data Breach Data Breaches

File Sharing Phishing: How you can Protect Yourself

Think before you share.You may be suspicious of the emails you receive in your inbox daily. Sharing photos and videos of friends and family is fun though. So, what are some things you can do to protect yourself while sharing files? Before you easily agree to share files with a friend through a USB drive or online account, make sure your computer’s anti
Publish At:2017-07-07 01:06 | Read:184 | Comments:0 | Tags:Phishing phishing PhishSim

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud