HackDig : Dig high-quality web security articles for hackers

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Researchers revealed that the number of daily brute-force attacks on Windows RDP has doubled during the pandemic lockdown. Security experts from ESET revealed that the number of daily brute-force attacks on Windows RDP has doubled during the COVID-19 lockdown. The phenomenon is not surprising because during the COVID-19 lockdown employees were forced t
Publish At:2020-06-29 10:59 | Read:141 | Comments:0 | Tags:Breaking News Hacking RDP Windows

One million brute force attacks on RDP connections every day

Two months ago, the number of people working from home skyrocketed. Remote work has now become the new normal for many companies the world over. Although this change was brought about by the Covid-19 pandemic, for many organizations, remote work is likely here to stay as a permanent part of their corporate culture. To make remote work easier, many companies r
Publish At:2020-05-24 08:27 | Read:186 | Comments:0 | Tags:Business Security b2b brute force rdp

Cyberthreats on lockdown

Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, that
Publish At:2020-05-18 12:12 | Read:212 | Comments:0 | Tags:Research Credentials theft Cybercrime Phishing websites Rans

Remote spring: the rise of RDP bruteforce attacks

With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Alongside the higher volume of corporate traffic, the use of third-party services for data exchange, and employees working on home computers (and potentially insecure Wi-Fi networks), another headache
Publish At:2020-05-03 08:09 | Read:323 | Comments:0 | Tags:Featured Research Cybercrime RDP

A week in security (March 30 – April 5)

Last week on Malwarebytes Labs, we offered readers tips for safe online shopping now that cybercriminals are ramping up Internet-based attacks, showed the impact that GDPR has around the world, and helped users understand how social media platforms mine their personal data. We also hosted our bi-weekly podcast, Lock and Code, with guest Adam Kujawa, who disc
Publish At:2020-04-06 15:45 | Read:389 | Comments:0 | Tags:A week in security covid-19 cyber volunteers draytek gdpr ho

iOS exploit chain deploys LightSpy feature-rich malware

A watering hole was discovered on January 10, 2020 utilizing a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy. The site appears to have been designed to target users in Hong Kong based on the content of the landing page. Since the initial activity, we released two private reports exhaustively detailing spread, exploits, infrast
Publish At:2020-03-26 14:33 | Read:568 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Google Android I

IE zero day and heap of RDP flaws fixed in February Patch Tuesday

By John E Dunn. Weeks after the world first got wind of it, Microsoft has finally patched the Internet Explorer (IE) zero-day flaw the company said in January was being used in “limited targeted attacks”. The fix is part of the February Patch Tuesday update that features a record 99 security vulnerabilities including 12 marked as ‘critical’ and 87 ‘important’. Th
Publish At:2020-02-15 12:44 | Read:698 | Comments:0 | Tags:Adobe Internet Explorer Microsoft Operating Systems Vulnerab

February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities

The first Patch Tuesday of 2020 in January brought an unusually long list of patches, but February brings an even wider range of fixes that address a total of 99 vulnerabilities — including 12 classified as Critical, with the remaining 99 deemed Important. Only five of the vulnerabilities were made public before the patches were released; one of these was ra
Publish At:2020-02-11 21:00 | Read:663 | Comments:0 | Tags:Exploits Vulnerabilities LNK Patch Tuesday RDP Remote Deskto

Explained: the strengths and weaknesses of the Zero Trust model

In a US court of law, the accused are deemed to be innocent until proven guilty. In a Zero Trust security model, the opposite is true. Everything and everyone must be considered suspect—questioned, investigated, and cross-checked—until we can be absolutely sure it is safe to be allowed. Zero Trust is a concept created by John Kindervag in 2010 during his
Publish At:2020-01-28 16:50 | Read:781 | Comments:0 | Tags:Explained byod cloud framework identity management insider t

Threat spotlight: Phobos ransomware lives up to its name

Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals’ belts years ago. From massive WannaCry outbreaks in 2017 to industry-focused attacks by Ryuk in 2019, ransomware’s got its hooks in global businesses and shows no signs of stopping. That includes a malware family known as Phobos ransomware, named afte
Publish At:2020-01-10 16:50 | Read:841 | Comments:0 | Tags:Threat spotlight brute force coveware crysis crysis ransomwa

Threat spotlight: The curious case of Ryuk ransomware

Ryuk. A name once unique to a fictional character in a popular Japanese comic book and cartoon series is now a name that appears in several rosters of the nastiest ransomware to ever grace the wild web. For an incredibly young strain—only 15 months old—Ryuk ransomware gaining such notoriety is quite a feat to achieve. Unless the threat actors behind its
Publish At:2019-12-12 21:50 | Read:1291 | Comments:0 | Tags:Threat spotlight AES average ransom amount BitPaymer BitPaym

Reverse port forwarding SOCKS proxy via HTTP proxy (part 1)

In the context of a Red Team assessment, in this post I’ll look at some options for using SOCKS to gain external access to an internal network. I’ll cover the obvious methods and why I’m overlooking them, a crude method using standard tools (this post) and a more refined approach using modified tools (in part 2). I recently spent quite a lo
Publish At:2019-09-19 17:35 | Read:1229 | Comments:0 | Tags:Blog RDP red team Windows

Rapid7 warns of Remote Desktop Protocol (RDP) exposure for millions of endpoints

According to new research conducted by experts at Rapid7, there are 4.1 million Windows endpoints exposed online via Remote Desktop Protocol (RDP). The researchers discovered that there are 11 million open 3389/TCP endpoints, and that 4.1 million of them are RDP. “We analyzed the responses, tallying any that appeared to be from RDP speaking endpoints
Publish At:2017-08-14 18:00 | Read:4205 | Comments:0 | Tags:Breaking News Hacking Reports Security EsteemAudit Intellige

NSA EsteemAudit exploit could trigger a new WannaCry-like attack

Security experts from enSilo firm released a free patch for Windows systems vulnerable to the NSA-linked ESTEEMAUDIT Exploit. The WannaCry emergency could not be ended because the NSA dump leaked by the Shadow Brokers team included many other dangerous exploits. Last month the Shadow Brokers group released another batch of data containing exploit codes stil
Publish At:2017-05-25 14:40 | Read:3484 | Comments:0 | Tags:Breaking News Hacking EnglishmanDentist EsteemAudit Explodin

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil. Harvesting victims via weakly protected RDP (remote desktop protocol) connections, criminals are manually installing the ransomware and encrypting any files which can be found on the system. Interesti
Publish At:2017-04-24 17:40 | Read:6395 | Comments:0 | Tags:Blog Research Brazil Ransomware RDP TeamXRat Trojan
