HackDig : Dig high-quality web security articles for hackers

Aggressive in-app advertising in Android

Recently, we’ve been noticing ever more dubious advertising libraries in popular apps on Google Play. The monetization methods used in such SDKs can pose a threat to users, yet they pull in more revenue for developers than whitelisted ad modules due to the greater number of views. In this post we will look into a few examples of suspicious-looking ad m
Publish At:2020-05-25 06:21 | Read:129 | Comments:0 | Tags:Featured Research Adware Google Android

The VBA Language for Script Kiddies

Introduction: Thanks to your super spiffy explainer on macros, I know why I should go old school and start coding in VBA, but I can’t even read it, let alone hack it. Do you have Google translate for VBA or possibly a Babel fish? Great, I’ve convinced you that you need to start looking at macros again and learn a little VBA, and if you haven’t, re-read
Publish At:2020-05-18 12:54 | Read:85 | Comments:0 | Tags:Research

Developing with VBA for Script Kiddies

Introduction: Now that I can read these macros and code snippets on stackexchange, how do I really make use of VBA? There must be more than meets the eye. How can I transform this BASIC code into something to pwn the world? I want to develop something! After learning the reason we should be looking at VBA again in part 1: “Intro To Macros and VBA
Publish At:2020-05-18 12:54 | Read:121 | Comments:0 | Tags:Research

Cyberthreats on lockdown

Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, that
Publish At:2020-05-18 12:12 | Read:160 | Comments:0 | Tags:Research Credentials theft Cybercrime Phishing websites Rans

Remote spring: the rise of RDP bruteforce attacks

With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Alongside the higher volume of corporate traffic, the use of third-party services for data exchange, and employees working on home computers (and potentially insecure Wi-Fi networks), another headache
Publish At:2020-05-03 08:09 | Read:261 | Comments:0 | Tags:Featured Research Cybercrime RDP

As if the world couldn’t get any weirder, this AI toilet scans your anus to identify you

by Lisa Vaas. Yes, your continuous health monitoring Internet of Things (IoT) wrist wrapper well may track your sleep quality and how many calories you burn, but answer me this: does it stick artificial intelligence (AI) sensors up in your business to capture your urine flow and the Sistine Chapel-esque glory of the unique-as-a-fingerprint biometric that is you
Publish At:2020-04-08 08:21 | Read:454 | Comments:0 | Tags:Privacy analprint biometrics cloud storage continuous health

Unkillable xHelper and a Trojan matryoshka

It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever. The main feature of xHelper is entrenchment — once it gets into the phone, it somehow remains there even after the user deletes it and restores the factory settings. We conducted a thoroug
Publish At:2020-04-07 08:21 | Read:410 | Comments:0 | Tags:Featured Research Android Malware Descriptions Malware Techn

Gaining Insight Into the Ponemon Institute’s 2020 Cost of Insider Threats Report

Today, I’m pleased to share some of the key findings from the 2020 Cost of Insider Threats Global Report. This is the third benchmark study, independently sponsored by IBM Security and ObserveIT to help understand the direct and indirect costs that result from insider threats. The first study was conducted in 2016 and focused exclusively on companies i
Publish At:2020-02-09 10:30 | Read:396 | Comments:0 | Tags:CISO Security Services Access Management Breach Credentials

Shlayer Trojan attacks one in ten macOS users

For close to two years now, the Shlayer Trojan has been the most common threat on the macOS platform: in 2019, one in ten of our Mac security solutions encountered this malware at least once, and it accounts for almost 30% of all detections for this OS. The first specimens of this family fell into our hands back in February 2018, and we have since collected
Publish At:2020-01-23 06:05 | Read:679 | Comments:0 | Tags:Research macOS Malware

Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium

In November 2019, Kaspersky technologies successfully detected a Google Chrome 0-day exploit that was used in Operation WizardOpium attacks. During our investigation, we discovered that yet another 0-day exploit was used in those attacks. The exploit for Google Chrome embeds a 0-day EoP exploit (CVE-2019-1458) that is used to gain higher privileges on the in
Publish At:2019-12-10 18:05 | Read:818 | Comments:0 | Tags:Featured Research Microsoft Windows Vulnerabilities and expl

Unwanted notifications in browser

When, back in 2015, push notifications were just appearing in browsers, very few people wondered how this tool would be used in the future: once a useful technology made to keep regular readers informed about updates, today it is often used to shell website visitors with unsolicited ads. To achieve that, users are hoaxed into subscribing to notifications, fo
Publish At:2019-11-25 13:05 | Read:912 | Comments:0 | Tags:Featured Research Browser Phishing Social Engineering

The cybercrime ecosystem: attacking blogs

Executive summary: The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. The articles will also cover technical details and up-to-date research on the threat landscape to provide a more realistic understanding of why thi
Publish At:2019-11-21 06:05 | Read:1158 | Comments:0 | Tags:Research code injection Data leaks Malware SQL injection Vul

Steam-powered scammers

Digital game distribution services have not only simplified the sale of games themselves, but provided developers with additional monetization levers. For example, in-game items, such as skins, equipment, and other character-enhancing elements as well as those that help one show up, can be sold for real money. Users themselves can also sell items to each oth
Publish At:2019-10-28 06:05 | Read:1046 | Comments:0 | Tags:Featured Research Fraud gam Phishing websites Social Enginee

Hello! My name is Dtrack

Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards that were inserted into the mach
Publish At:2019-09-23 06:20 | Read:1328 | Comments:0 | Tags:Featured Research ATM Dropper Financial malware Lazarus Malw

Agent 1433: remote attack on Microsoft SQL Server

All over the world companies large and small use Microsoft SQL Server for database management. Highly popular yet insufficiently protected, this DBMS is a target of choice for hacking. One of the most common attacks on Microsoft SQL Server — the remote attack based on malicious jobs — has been around for a long time, but it is still used to get access to work
Publish At:2019-09-19 18:20 | Read:952 | Comments:0 | Tags:Research Backdoor Microsoft SQL Passwords Trojan
