HackDig : Dig high-quality web security articles

Microsoft clamps down on RDP brute-force attacks in Windows 11

It wasn’t so long ago that we were wondering what improvements Windows 11 would make in the security stakes. Well, we haven’t had to wait too long to find out. Windows 11 build 22528.1000 and up will tackle one of the more common entry points for network intruders. Namely, trying to prevent the brute forcing of Remote Desktop Protocol (RDP) by
Publish At:2022-07-26 11:52 | Read:314 | Comments:0 | Tags:Cybercrime ransomware rate limit rdp remote desktop protocol

4 ways businesses can save money on cyber insurance

So, your business has just suffered a data breach and it’s time to dig deep in your pockets to pay all the resulting expenses. Without cyber insurance, you can expect to pay a dizzying amount of cash. In 2022 alone, the average cost of a data breach for businesses under 1,000 employees was close to $3 million—and these costs are coming from activities tha
Publish At:2022-07-10 20:00 | Read:451 | Comments:0 | Tags:Business business cyber attack cyber insurance data breach E

How much does access to corporate infrastructure cost?

Division of labor: Money has been and remains the main motivator for cybercriminals. The most widespread techniques of monetizing cyberattacks include selling stolen databases, extortion (using ransomware) and carding. However, there is demand on the dark web not only for data obtained through an attack, but also for the data and services necessary to organiz
Publish At:2022-06-15 06:17 | Read:1122 | Comments:0 | Tags:Research Darknet Data leaks Ransomware RDP Internal threats

How to protect RDP

You didn’t really think that the ransomware wave was coming to an end, did you? You may be tempted to think so, given the decline in reports about massive ransomware campaigns. Don’t be fooled. Over the last five years, one of the primary attack vectors for ransomware attacks has been the Remote Desktop Protocol (RDP). Remote desktop is exactly what
Publish At:2022-03-18 12:47 | Read:2351 | Comments:0 | Tags:Business Security world business ransomware rdp remote acces

A week in security (March 7 – March 13)

Last week on Malwarebytes Labs: The struggle to reduce bug-fixing time is real; Update now! Mozilla patches two actively exploited vulnerabilities; Google takes on Docs notification spammers; When fake dating profiles try the military approach; Azure AutoWarp brings automation headaches; RagnarLocker ransomware gang breached 52 critical infrastructure organizations
Publish At:2022-03-14 08:51 | Read:1748 | Comments:0 | Tags:A week in security autowarp Azure AutoWarp Brave brute force

Blunting RDP brute-force attacks with rate limiting

Thanks to the Malwarebytes Threat Intelligence Team for the information they provided for this article. Not long ago, guessing a Windows Remote Desktop Protocol (RDP) password successfully was widely regarded as ransomware operators’ number one choice for breaching a target. It attracted a lot of press coverage three or four years ago, and interest
Publish At:2022-03-11 21:03 | Read:1528 | Comments:0 | Tags:Explained Threat Intelligence brute force attacks brute forc

Password usage analysis of brute force attacks on honeypot servers

As Microsoft’s Head of Deception, Ross Bevington is responsible for setting up and maintaining honeypots that look like legitimate systems and servers. Honeypot systems are designed to pose as an attractive target for attackers. Sometimes they are left vulnerable to create a controllable and safe environment to study ongoing attacks. This provides resear
Publish At:2021-11-24 08:48 | Read:2474 | Comments:0 | Tags:Reports honeypot microsoft password rdp ross bevington ssh

Patch now! Microsoft plugs actively exploited zero-days and other updates

On what might seem a relatively calm Patch Tuesday with 55 vulnerabilities being patched, the fact that six of them were rated “Critical” and two of them actively exploited spoils the Zen factor somewhat. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share
Publish At:2021-11-10 12:44 | Read:3758 | Comments:0 | Tags:Exploits and vulnerabilities 3d viewer adobe Android Cisco c

Threat profile: Ranzy Locker ransomware

Ranzy Locker ransomware emerged in late 2020, when the variant began to target victims in the United States. According to a flash alert issued by the FBI, unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021, including victims in the construction, academic, government, IT, and transportation sectors
Publish At:2021-10-28 14:11 | Read:2784 | Comments:0 | Tags:Ransomware brute force protection exchange raas Ranzy Locker

Ransomware in the CIS

Introduction: These days, when speaking of cyberthreats, most people have in mind ransomware, specifically cryptomalware. In 2020–2021, with the outbreak of the pandemic and the emergence of several major cybercriminal groups (Maze, REvil, Conti, DarkSide, Avaddon), an entire criminal ecosystem took shape, leading to a mounting worldwide wave of attacks on la
Publish At:2021-10-07 07:31 | Read:3919 | Comments:0 | Tags:Malware descriptions Encryption Malware Malware Descriptions

RDP brute force attacks explained

While you read these words, the chances are that somebody, somewhere, is trying to break in to your computer by guessing your password. If your computer is connected to the Internet it can be found, quickly, and if it can be found, somebody will try to break in. And it isn’t like the movies. The criminal hacker trying to guess your password isn’t
Publish At:2021-08-03 11:33 | Read:1812 | Comments:0 | Tags:Explained rdp RDP brute force

LemonDuck no longer settles for breadcrumbs

LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [1][2] on the Microsoft Security blog. LemonDuck Trojan.LemonDuck has al
Publish At:2021-07-30 13:57 | Read:1483 | Comments:0 | Tags:Botnets C&C cross-platform LemonCat LemonDuck LNK malspam pr

Royal Mail phish deploys evasion tricks to avoid analysis

Royal Mail phish scams are still in circulation, slowly upgrading their capabilities with evasion tools deployed in far more sophisticated malware attacks. Often, the quality of sites we see varies greatly. Many fake Royal Mail pages are cookie-cutter efforts existing on borrowed time. The operators know their scam is a case of here today, gone tomorrow.
Publish At:2021-05-19 14:14 | Read:1821 | Comments:0 | Tags:Scams bypass delivery parcel phish phishing post office rdp

Avaddon ransomware campaign prompts warnings from FBI, ACSC

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. The FBI states that it has received notifications of unidentified cyber actors using Avaddon ransomware against US and foreign private sector companies, manufacturing
Publish At:2021-05-11 14:24 | Read:1444 | Comments:0 | Tags:Ransomware .avdn acsc avaddon Dark Web ddos exfiltrated data

Perkiler malware turns to SMB brute force to spread

Researchers at Guardicore have identified a new infection vector being used by the Perkiler malware where internet-facing Windows machines are breached through SMB password brute force. Perkiler is a complex Windows malware with rootkit components that is dropped by the Purple Fox exploit kit (EK) and was spread by phishing campaigns. What is SMB? S
Publish At:2021-03-25 19:40 | Read:2382 | Comments:0 | Tags:Trojans brute force exploit kit perkiler Purple Fox rdp root
