HackDig : Dig high-quality web security articles for hackers

Fileless Infections: An Overview

To date, there are a number of so-called fileless infections. By fileless infections or fileless malware, we are referring to an infection or malware that does not write any files to the infected system’s hard drive. By leaving as few traces behind as possible, malware authors try to postpone detection by security vendors for as long as possible. Which is
Publish At:2016-03-30 07:45 | Read:5140 | Comments:0 | Tags:Cybercrime Malware Security Threat exploit fileless kovter p

Canadian Hospital Serves Ransomware Via Hacked Website

Ransomware attacks have made a lot of headlines in the past year with several high-profile cases, including that of the Hospital in Los Angeles which had its data encrypted and ended up paying the ransom to get it back. Recently, the Ottawa hospital in Canada was also hit but able to contain a ransomware attack. We discovered the website of another Canadian
Publish At:2016-03-21 23:55 | Read:3933 | Comments:0 | Tags:Security Threat angler CMS ransomware

Yontoo: PUPs with two faces

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2016-01-29 23:10 | Read:5198 | Comments:0 | Tags:Security Threat adware Malwarebytes Pieter Arntz protection

Trojan.DNSChanger circumvents Powershell restrictions

In recent variants of the infamous DNS-changer adware we have found that the coders use a particularly interesting method to bypass the default restrictions imposed for executing Powershell scripts. Execution restrictions To protect Windows users, Microsoft has chosen not to allow the execution of Powershell scripts by default. The default setting for the E
Publish At:2016-01-23 04:25 | Read:6066 | Comments:0 | Tags:Security Threat adware changer dns Pieter Arntz powershell r


This blog post explains what FEATURE_BROWSER_EMULATION is and why browser hijackers seem to love it. It also points out that this does not mean it’s automatically a problem if you have one or more of them. What is FEATURE_BROWSER_EMULATION? FEATURE_BROWSER_EMULATION is a registry key that allows you to set a different default document mode for the web-browse
Publish At:2016-01-14 21:30 | Read:4569 | Comments:0 | Tags:Security Threat browser FEATURE_BROWSER_EMULATION Pieter Arn

When URL Shorteners and Ransomware Collide

We are all very familiar with URL shortening services, which are regularly used in Tweets and other social media. It is no secret that cyber criminals also use URL shorteners to aid them in achieving their objectives. URL shorteners are often used by cyber criminals to obfuscate redirects to malicious destinations. Recently, a URL shortening service was used
Publish At:2016-01-14 03:25 | Read:8093 | Comments:0 | Tags:Security Threat cryptolocker ransomware shortening services

WebSearcher PUP applies Proxy Lockdown

WebSearcher is an adware application brought to you by “Web Fox” and usually comes bundled with “extremely useful” applications like “Video Codex” and “Video Player”. WebSearcher uses a proxy to insert the advertisements into your normal web experience.  What makes this one different? What makes this one different is that it uses a set of permissions to get
Publish At:2016-01-03 14:15 | Read:8635 | Comments:0 | Tags:Security Threat browser hijacker fiddler malware Malwarebyte

“INTUIT Security Warning” Emails Lead to Fake Browser Update Malware

Users of popular accounting software Quickbooks should keep an eye out for this fake “Intuit Security Warning” themed email currently in circulation, encouraging you to update your browser with a zipped download. The email reads as follows: INTUIT Security Warning As of November 5th, 2015, we will be updating the browsers we support. We encou
Publish At:2015-12-02 22:45 | Read:7772 | Comments:0 | Tags:Security Threat browser download email malware spam

FrameFox: Nominated for the Most Aggressive EULA

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at som
Publish At:2015-11-27 16:10 | Read:4670 | Comments:0 | Tags:Security Threat adware browser hijacker disables incompatibl

New Website Ransomware Variant Demands $999

Ransomware has been wreaking havoc on personal computers for several years now and it was recently made public that cyber criminals were going after personal websites as well. Poorly secured or vulnerable Linux web servers have always been valuable resources for their versatility in hosting or distributing threats. Security firms DrWeb and BitDefender have i
Publish At:2015-11-25 09:55 | Read:4967 | Comments:0 | Tags:Security Threat bitcoins linux magento ransomware wordpress

The Road to Black Friday: Stats and Security Tips

With Thanksgiving weekend just a few sleeps away, one can’t help but feel the air charged with a little excitement—perhaps, even a little danger. News outlets, marketers, and retail owners are looking forward to not just the huge deluge of people to brick-and-mortar stores and online shops, but they also anticipate buyer spending to increase yet again this y
Publish At:2015-11-24 15:50 | Read:4086 | Comments:0 | Tags:Security Threat black friday fake sale scam

Vonteera Adware Uses Certificates to Disable Anti-Malware

Vonteera is an adware family that has been around for years. They stand out from the rest because of their very intrusive changes to the affected systems, which is why you will see them classified as Trojan by some anti-malware solutions. Recently, they added a new trick to their arsenal: using system certificates to disable anti-malware and anti-virus softw
Publish At:2015-11-20 21:25 | Read:4748 | Comments:0 | Tags:Security Threat Anti-Malware antivirus certificates malware

Three Reasons Why Anti-Virus Alone is No Longer Enough

So many home, and even business users, are complacent about the level of protection they are currently receiving from their traditional anti-virus (AV) software. I have real-time protection in my AV!  That’s enough, right? Nope. Not any more. The malware ecosystem has changed drastically in the past 10 years, to the point that the old precautions are j
Publish At:2015-11-11 21:00 | Read:5158 | Comments:0 | Tags:Security Threat Anti-Malware anti-virus malvertising malware

DynamicPricer PUP disables browser updates

Although this one has been around for a while, DynamicPricer deserves some attention because of the different approach it uses compared to other Potentially Unwanted Programs (PUPs). What’s different? Where other adware applications look for sneaky ways to invade your up-to-date browsers or even install their own browser on your system, this one just instal
Publish At:2015-11-11 21:00 | Read:4025 | Comments:0 | Tags:Security Threat adware bundler Dynamic Pricer DynamicPricer

Video Saver PUP Blocks You From Changing Your Default Browser

A potentially unwanted program (PUP) called Video Saver, belonging to the Neobar family of browser hijackers, has been found to use a different trick to “convince” their victims to use their search engine “Search with us!”. It will show the victims a prompt to let them know there are restrictions in effect on their computer and to contact their system admini
Publish At:2015-10-08 01:40 | Read:4910 | Comments:0 | Tags:Security Threat hijack Internet Explorer Pieter Arntz policy

