HackDig : Dig high-quality web security articles for hacker

Free Youtube Downloader PUP is just another Tech Support Scam

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2016-02-19 07:30 | Read:3949 | Comments:0 | Tags:Social Engineering activate friday Malwarebytes Pieter Arntz

Yontoo: PUPs with two faces

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2016-01-29 23:10 | Read:3339 | Comments:0 | Tags:Security Threat adware Malwarebytes Pieter Arntz protection

Trojan.DNSChanger circumvents Powershell restrictions

In recent variants of the infamous DNS-changer adware we have found that the coders use a particularly interesting method to bypass the default restrictions imposed for executing Powershell scripts. Execution restrictions To protect Windows users, Microsoft has chosen not to allow the execution of Powershell scripts by default. The default setting for the E
Publish At:2016-01-23 04:25 | Read:4292 | Comments:0 | Tags:Security Threat adware changer dns Pieter Arntz powershell r

A Brief Guide to FEATURE_BROWSER_EMULATION

This blog post explains what FEATURE_BROWSER_EMULATION is and why browser hijackers seem to love it. It also points out that this does not mean it’s automatically a problem if you have one or more of them. What is FEATURE_BROWSER_EMULATION? FEATURE_BROWSER_EMULATION is a registry key that allows you to set a different default document mode for the web-browse
Publish At:2016-01-14 21:30 | Read:2903 | Comments:0 | Tags:Security Threat browser FEATURE_BROWSER_EMULATION Pieter Arn

The Windows Vaults

The Credential Manager in Windows is a relatively unknown feature, even though a lot of people are using it without being aware of its existence. Windows stores credentials in special folders that they call “vaults” to help users login to websites and other computers. The Credential Manager as such is introduced with Windows 7. Operation Reviewin
Publish At:2016-01-11 21:10 | Read:3141 | Comments:0 | Tags:Online Security credentials login passwords Pieter Arntz win

WebSearcher PUP applies Proxy Lockdown

WebSearcher is an adware application brought to you by “Web Fox” and usually comes bundled with “extremely useful” applications like “Video Codex” and “Video Player”. WebSearcher uses a proxy to insert the advertisements into your normal web experience.  What makes this one different? What makes this one different is that it uses a set of permissions to get
Publish At:2016-01-03 14:15 | Read:4137 | Comments:0 | Tags:Security Threat browser hijacker fiddler malware Malwarebyte

Mintcast PUPs disable safebrowsing settings in Firefox

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2015-12-25 13:15 | Read:3697 | Comments:0 | Tags:Online Security adwareroi firefox mintcast Pieter Arntz PUP

DNS Hijacks: Routers

Our Support department has noticed a significant increase in the number of people that have had their DNS settings hijacked. Not only on their computers, but on their routers as well. For some background information on DNS hijacks, please read “DNS Hijacks: What to Look For”. How does it work? In a typical home setup, we have: A modem provided b
Publish At:2015-12-18 00:25 | Read:4750 | Comments:0 | Tags:Online Security default password dns hijack Pieter Arntz rou

An Introduction to Image File Execution Options

Image File Execution Options (IFEO) are used for debugging. Malware, however, does not only check if there are debuggers active, but it’s also known to use the features IFEO has to offer to their own advantage. Intention IFEO settings are stored in the Windows registry. The intention of creating the IFEO registry key is to give developers the option to debug
Publish At:2015-12-04 10:55 | Read:3920 | Comments:0 | Tags:All Things Dev IFEO Image File Execution Options Pieter Arnt

FrameFox: Nominated for the Most Aggressive EULA

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at som
Publish At:2015-11-27 16:10 | Read:3331 | Comments:0 | Tags:Security Threat adware browser hijacker disables incompatibl

Vonteera Adware Uses Certificates to Disable Anti-Malware

Vonteera is an adware family that has been around for years. They stand out from the rest because of their very intrusive changes to the affected systems, which is why you will see them classified as Trojan by some anti-malware solutions. Recently, they added a new trick to their arsenal: using system certificates to disable anti-malware and anti-virus softw
Publish At:2015-11-20 21:25 | Read:3176 | Comments:0 | Tags:Security Threat Anti-Malware antivirus certificates malware

DynamicPricer PUP disables browser updates

Although this one has been around for a while, DynamicPricer deserves some attention because of the different approach it uses compared to other Potentially Unwanted Programs (PUPs). What’s different? Where other adware applications look for sneaky ways to invade your up-to-date browsers or even install their own browser on your system, this one just instal
Publish At:2015-11-11 21:00 | Read:2692 | Comments:0 | Tags:Security Threat adware bundler Dynamic Pricer DynamicPricer

CrossBrowse, another Chromium Project

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2015-11-06 15:00 | Read:3819 | Comments:0 | Tags:Online Security adware browser chromium crossbrowse crossrid

Backscatter or misdirected bounces

In this post we will try to explain how it is possible that you receive notifications of bounced emails when you are unaware of sending them in the first place. The scenario that you might be afraid of and the first one that might come to mind is that your mail account has been hacked and is being used to send spam. If you fear that this has happened, the fi
Publish At:2015-11-04 09:00 | Read:2868 | Comments:0 | Tags:Online Security backscatter bounce email mail NDR Pieter Arn

Advertising Brokers: A Background Information

This post is intended to give you some background information about advertisement brokers, the men and women that are in the middle of web advertising. In a market consisting of media providers (in this case mostly websites) on one side and advertisers on the other, the advertising brokers strive to optimize the effect and the revenue of advertisements. Some
Publish At:2015-10-30 21:00 | Read:3572 | Comments:0 | Tags:Privacy advertising cookies facebook Pieter Arntz

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud