HackDig : Dig high-quality web security articles for hackers

Malicious Macros for Script Kiddies

Introduction Macros seem like the new hotness amongst hackers, but I thought macros were just simple scripts that some accountant in finance used to simplify their spreadsheets. How can I use and abuse these things to Hack the Planet and rule the world? How can something designed in the 90s still be relevant? In previous blog posts, I provided the foun
Publish At:2020-08-04 09:29 | Read:109 | Comments:0 | Tags:Penetration Testing Research Security Testing & Analysis

A Developer’s Introduction to Beacon Object Files

With the release of Cobalt Strike 4.1, a new feature has been added that allows code to be run in a more OPSEC friendly manner. This is implemented through what has been termed Beacon Object Files (BOFs). In this post, I will outline some of the less obvious restrictions of BOFs and share my workflow in an effort to assist anyone tasked with writing in this
Publish At:2020-07-16 09:55 | Read:135 | Comments:0 | Tags:Research

The Streaming Wars: A Cybercriminal’s Perspective

Cyber threats aren’t relegated to the world of big businesses and large-scale campaigns. The most frequent attacks aren’t APTs and massive data breaches—they’re the daily encounters with malware and spam by everyday users. And, one of the areas where we’re most vulnerable is entertainment—particularly when we’re so used to findi
Publish At:2020-07-16 08:05 | Read:102 | Comments:0 | Tags:Research Adware Cybercrime Malware Descriptions Malware Stat

Redirect auction

We’ve already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated. Recently, while examining the behavior of one n
Publish At:2020-07-08 08:11 | Read:108 | Comments:0 | Tags:Featured Research Phishing Website Hacks

Pig in a poke: smartphone adware

Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. In some cases, the solution is quite simple. In others, the task is far harder: the adware plants itself in the system partition, and trying to get rid of it can lead to device failure. In addition, ads can be emb
Publish At:2020-07-06 08:25 | Read:219 | Comments:0 | Tags:Featured Research advertising networks Adware Mobile Malware

CVE-2020-2021: PAN-OS SAML Security Bypass

On June 29, 2020, Palo Alto released information on a Security Assertion Markup Language (SAML) authentication bypass CVE-2020-2021. Palo Alto published the advisory PAN-148988 for a critical issue affecting multiple versions of PAN-OS. An Overview of the Vulnerability Description: With network access to a device running a vulnerable version of PAN-
Publish At:2020-07-02 17:46 | Read:143 | Comments:0 | Tags:Leadership Research

Abusing Windows Telemetry for Persistence

Today we’re going to talk about a persistence method that takes advantage of some of the wonderful telemetry that Microsoft has included in Windows versions for the last decade. The process outlined here affects Windows machines from 2008R2/Windows 7 through 2019/Windows 10. As of this posting, this persistence technique requires local admin rights to i
Publish At:2020-06-09 06:06 | Read:215 | Comments:0 | Tags:Application Security Assessment Penetration Testing Research

Aggressive in-app advertising in Android

Recently, we’ve been noticing ever more dubious advertising libraries in popular apps on Google Play. The monetization methods used in such SDKs can pose a threat to users, yet they pull in more revenue for developers than whitelisted ad modules due to the greater number of views. In this post we will look into a few examples of suspicious-looking ad m
Publish At:2020-05-25 06:21 | Read:306 | Comments:0 | Tags:Featured Research Adware Google Android

The VBA Language for Script Kiddies

Introduction Thanks to your super spiffy explainer on macros, I know why I should go old school and start coding in VBA, but I can’t even read it, let alone hack it. Do you have Google translate for VBA or possibly a Babel fish? Great, I’ve convinced you that you need to start looking at macros again and learn a little VBA, and if you haven’t, re-read
Publish At:2020-05-18 12:54 | Read:188 | Comments:0 | Tags:Research

Developing with VBA for Script Kiddies

Introduction Now that I can read these macros and code snippets on stackexchange, how do I really make use of VBA? There must be more than meets the eye. How can I transform this BASIC code into something to pwn the world? I want to develop something! After learning the reason we should be looking at VBA again in part 1: “Intro To Macros and VBA
Publish At:2020-05-18 12:54 | Read:224 | Comments:0 | Tags:Research

Cyberthreats on lockdown

Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, that
Publish At:2020-05-18 12:12 | Read:300 | Comments:0 | Tags:Research Credentials theft Cybercrime Phishing websites Rans

Remote spring: the rise of RDP bruteforce attacks

With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Alongside the higher volume of corporate traffic, the use of third-party services for data exchange, and employees working on home computers (and potentially insecure Wi-Fi networks), another headache
Publish At:2020-05-03 08:09 | Read:372 | Comments:0 | Tags:Featured Research Cybercrime RDP

As if the world couldn’t get any weirder, this AI toilet scans your anus to identify you

by Lisa Vaas. Yes, your continuous health monitoring Internet of Things (IoT) wrist wrapper well may track your sleep quality and how many calories you burn, but answer me this: does it stick artificial intelligence (AI) sensors up in your business to capture your urine flow and the Sistine Chapel-esque glory of the unique-as-a-fingerprint biometric that is you
Publish At:2020-04-08 08:21 | Read:620 | Comments:0 | Tags:Privacy analprint biometrics cloud storage continuous health

Unkillable xHelper and a Trojan matryoshka

It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever. The main feature of xHelper is entrenchment — once it gets into the phone, it somehow remains there even after the user deletes it and restores the factory settings. We conducted a thoroug
Publish At:2020-04-07 08:21 | Read:561 | Comments:0 | Tags:Featured Research Android Malware Descriptions Malware Techn

Gaining Insight Into the Ponemon Institute’s 2020 Cost of Insider Threats Report

Today, I’m pleased to share some of the key findings from the 2020 Cost of Insider Threats Global Report. This is the third benchmark study, independently sponsored by IBM Security and ObserveIT to help understand the direct and indirect costs that result from insider threats. The first study was conducted in 2016 and focused exclusively on companies i
Publish At:2020-02-09 10:30 | Read:521 | Comments:0 | Tags:CISO Security Services Access Management Breach Credentials
