HackDig : Dig high-quality web security articles for hacker

Brain-hacking: Why Social Engineering is so effective

<p>You are affected by social engineering tactics every day.</p> <p><img src="https://info.phishlabs.com/hs-fs/hubfs/brain%20hacking.png?width=300&amp;name=brain%20hacking.png" alt="brain hacking" width="300" style="width: 300px; float: right; margin: 0px 10px 10px 0px;">Okay, let me explain. From an information security standp
Publish At:2019-09-19 22:40 | Read:17 | Comments:0 | Tags:Psychology social engineering

Brain-Hacking Part 2: Ain’t Nobody Got Time for That!

<h2><em> Taking Advantage of Our Tendency to Simplify</em></h2> <p>There’s an old joke floating around the Internet that claims NASA, upon discovering that standard ballpoint pens would not work in space, invested millions of dollars and years of R&amp;D. The resulting pen was supposedly capable of writing in zero-G, on an
Publish At:2019-09-19 22:40 | Read:29 | Comments:0 | Tags:Psychology social engineering

Spam and phishing in Q2 2019

Quarterly highlights Spam through Google services In the second quarter of 2019, scammers were making active use of cloud-based data storage services such as Google Drive and Google Storage to hide their illegal content. The reasoning behind this is simple: a link from a legitimate domain is seen as more trustworthy by both users and spam filters. Most often
Publish At:2019-09-19 18:20 | Read:44 | Comments:0 | Tags:Featured Spam and phishing Malicious spam Malware Descriptio

Spam and phishing in Q3 2017

Quarterly highlights Blockchain and spam Cryptocurrencies have been a regular theme in the media for several years now. Financial analysts predict a great future for them, various governments are thinking about launching their own currencies, and graphics cards are swept off the shelves as soon as they go on sale. Of course, spammers could not resist the top
Publish At:2017-11-03 07:15 | Read:2226 | Comments:0 | Tags:Featured Spam and phishing reports Malicious spam Malware De

Pick a Card, Any Card: Deception, the Human Mind and the Social Engineering Challenge

Even as the technology deployed by both cyberattackers and cybersecurity defenders grows more sophisticated and powerful, the central role of the human factor remains critical. The most effective way to break into a computer network is to trick a legitimate user into opening the door to let you in. The techniques used to achieve this trickery are known as so
Publish At:2017-10-22 05:00 | Read:2584 | Comments:0 | Tags:Fraud Protection Fraud Prevention Phishing Phishing Attacks

WiNX: The Ultra-Portable Wireless Attacking Platform

When you are performing penetration tests for your customers, you need to build your personal arsenal. Tools, pieces of hardware and software are collected here and there depending on your engagements to increase your toolbox. To perform Wireless intrusion tests, I’m a big fan of the WiFi Pineapple. I’ve one for years (model MK5). It’s not
Publish At:2017-09-29 02:25 | Read:4373 | Comments:0 | Tags:Pentesting Security Social Engineering Hardware WiFi WiNX Wi

A simple example of a complex cyberattack

We’re already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious campaign that we detected a while ago – we named it ‘M
Publish At:2017-09-26 14:25 | Read:2992 | Comments:0 | Tags:Research DLL hijacking Dropper Microsoft Word Social Enginee

Miners on the Rise

Miners are a class of malware whose popularity has grown substantially this year. The actual process of cryptocurrency mining is perfectly legal, though there are groups of people who hoodwink unwitting users into installing mining software on their computers, or exploiting software vulnerabilities to do so. This results in threat actors receiving cryptocurr
Publish At:2017-09-12 13:30 | Read:2561 | Comments:0 | Tags:Research Botnets Cryptocurrencies Malware Descriptions Socia

Dissecting the Chrome Extension Facebook malware

It’s been a few days since Kaspersky Lab’s blog post about the Multi Platform Facebook malware that was spread through Facebook Messenger. At the same time as Kaspersky Lab were analyzing this threat, a few researchers where doing the same, including Frans Rosén, Security Advisor at Detectify. After Frans saw David’s tweet about the blog po
Publish At:2017-08-31 14:55 | Read:2622 | Comments:0 | Tags:Research Browser Plugins Google Chrome Social Engineering So

Spam and phishing in Q2 2017

Spam: quarterly highlights Delivery service Trojans At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The usual trick of present
Publish At:2017-08-22 09:10 | Read:3358 | Comments:0 | Tags:Featured Quarterly Spam Reports Malicious spam Malware Descr

SMS Phishing induces victims to photograph its own token card

Renato Marinho detailed an unusual SMS phishing campaign that hit Brazilian users. All started with an SMS message supposedly sent from his bank. Introduction Today I faced quite an unusual SMS phishing campaign here in Brazil. A friend of mine received an SMS message supposedly sent from his bank asking him to update his registration data through the given
Publish At:2017-07-17 20:20 | Read:3183 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking phishing SMS Ph

The Enemy Within: Identifying Insider Threats in Your Organization

Security professionals and managers are increasingly concerned that the leading information security risk to organizations comes from within. But despite the sinister overtones of this problem, insider threats are associated more with accidents and oversights than malicious actors. The danger is amplified by shortfalls in training and expertise, and the ch
Publish At:2017-06-22 11:35 | Read:3403 | Comments:0 | Tags:Identity & Access Risk Management Critical Data Data Protect

Back to Basics: Six Simple Strategies to Strengthen Your Security Posture

Security threats can be scary, and the fear factor is understandable. Technological progress makes security a fast-moving target, with new and more sophisticated threats constantly emerging. The Internet of Things (IoT) is raising the stakes, putting the means of physical destruction in the hands of malicious actors. A sophisticated criminal underworld ecos
Publish At:2017-06-16 08:15 | Read:3277 | Comments:0 | Tags:Risk Management Data Protection Passwords Patch Management S

Two Tickets as Bait

Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned Emirates, Air France, Aeroflot, S7 Airline, Eva Air, Turkish Airlines, Air Asia, Air India, and other companies. We cann
Publish At:2017-06-10 09:25 | Read:3454 | Comments:0 | Tags:Phishing Fraud Social Engineering Social networks

Five Tips to Stay Safe on Social Media While Traveling

Oversharing your travel plans can put you, your colleagues, your corporate data systems, your property and even your loved ones at risk. Similarly, announcing to the world that your home is vacant obviously increases the odds of a break-in, so what happens to your corporate laptop or personal devices containing corporate data that you leave at home? Furthe
Publish At:2017-06-07 21:40 | Read:4281 | Comments:0 | Tags:Risk Management Identity Theft Phishing Security Awareness S

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud