HackDig : Dig high-quality web security articles for hacker

The Past, Present and Future of Security Information and Event Management (SIEM)

With the release of the 2020 Gartner Magic Quadrant for Security Information and Event Management (SIEM), we feel that it is an appropriate time to reflect on the evolution of SIEM over the years. Starting out as a tool originally designed to assist organizations with compliance, SIEM evolved into an advanced threat detection system, then into an investigati
Publish At:2020-02-24 09:37 | Read:131 | Comments:0 | Tags:Incident Response Security Intelligence & Analytics Advanced

Municipal Cyberattacks Put Us All at Risk: What Can We Learn From Previous Attacks?

2019 was a tough year for the overall cybersecurity of state and local governments and municipal institutions. If you follow security news, there were times when not a week would go by without word of how the latest municipal cyberattacks impeded or even halted day-to-day operations. This stream of recent hacking incidents targeting government and municipal
Publish At:2020-02-21 13:22 | Read:186 | Comments:0 | Tags:Data Protection Government Cyberattacks Data Breach Healthca

We Need More Than Security Awareness to Combat Insider Threats

When I was new to the security industry, I firmly believed that people got infected with malware because they didn’t know how to be safe online. I thought problems happened because computers were too complicated, or the technology was too daunting, or people were just too trusting and naive. But clearly I knew better. I saw the dangers lurking on the i
Publish At:2020-02-12 10:40 | Read:217 | Comments:0 | Tags:CISO Human Error Human Factor Insider Threats Security Aware

Battling online coronavirus scams with facts

Panic and confusion about the recent coronavirus outbreak spurred threat actors to launch several malware campaigns across the world, relying on a tried-and-true method to infect people’s machines: fear. Cybercriminals targeted users in Japan with an Emotet campaign that included malicious Word documents that allegedly contained information about coronav
Publish At:2020-02-10 16:47 | Read:208 | Comments:0 | Tags:Social engineering 2019-nCoV CDC Centers for Disease Control

CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

The malware discussed in this blog saw input from X-Force researchers Andre Piva and Ofir Ozer. It was initially described in a blog post by X-Force’s Maor Wiesen and Limor Kessem. The IBM Trusteer cybercrime research labs specialize in the detection and counteraction of the crimeware and attacks operated by organized cybercrime gangs. In one of our re
Publish At:2020-02-09 10:30 | Read:167 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Bankin

How Deepfakes Will Make Us Question Everything in 2020

We’ve written about deepfakes before, but there’s one overlooked side effect that must be brought to our attention: As the technology improves and becomes more commonplace, what’s stopping anyone from claiming that what they definitively said was the result of a deepfake? While watching a recent episode of The New York Times’ “T
Publish At:2020-02-09 10:30 | Read:118 | Comments:0 | Tags:Artificial Intelligence Identity & Access Risk Management Ad

Happy New Fear! Gift-wrapped spam and phishing

Pre-holiday spam Easy money In the run-up to Christmas and New Year, scam е-mails mentioning easy pickings, lottery winnings, and other cash surprises are especially popular. All the more so given how simple it is to adapt existing schemes simply by mentioning the holiday in the subject line. For example, one scam е-mail with the subject line “Xsmas gi
Publish At:2020-02-07 06:05 | Read:229 | Comments:0 | Tags:Featured Spam and phishing mailings Malicious spam Phishing

Spear phishing 101: what you need to know

Phishing, a cyberattack method as old as viruses and Nigerian Princes, continues to be one of the most popular means of initiating a breach against individuals and organizations, even in 2020. The tactic is so effective, it has spawned a multitude of sub-methods, including smishing (phishing via SMS), pharming, and the technique du jour for this blog: spear
Publish At:2020-01-29 16:50 | Read:399 | Comments:0 | Tags:Social engineering 101 business malspam organisation organiz

[SANS ISC] Why Phishing Remains So Popular?

I published the following diary on isc.sans.edu: “Why Phishing Remains So Popular?“: Probably, some phishing emails get delivered into your mailbox every day and you ask yourself: “Why do they continue to spam us with so many emails? We are aware of phishing and it will not affect my organization!” First of all, emails remain a
Publish At:2020-01-24 15:20 | Read:398 | Comments:0 | Tags:SANS Internet Storm Center Security Social Engineering Phish

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation

In the early days, practically all tech support scammers would get their own leads by doing some amateur SEO poisoning and keyword stuffing on YouTube and other social media sites. They’d then leverage their boiler room to answer incoming calls from victims. Today, these practices continue, but we are seeing more advanced operations with a clear sep
Publish At:2020-01-22 16:50 | Read:295 | Comments:0 | Tags:Threat analysis 404Browlock 404error browlock browlocks Brow

How to prevent a rootkit attack

If you’re ever at the receiving end of a rootkit attack, then you’ll understand why they are considered one of the most dangerous cyberthreats today. Rootkits are a type of malware designed to stay undetected on your computer. Cybercriminals use rootkits to remotely access and control your machine, burrowing deep into the system like a latche
Publish At:2020-01-14 16:55 | Read:358 | Comments:0 | Tags:How-tos application rootkits bootloader firmware rootkits ha

6 ways hackers are targeting retail businesses

Retail hacking is no new phenomenon, although it has increased in frequency over the last few years. In fact, retailers experienced more breaches than any other industry in 2019, and they’ve lost over $30 billion to cybersecurity attacks. Both brick-and-mortar and online businesses experience retail hacking. Cybercriminals must often work harder to
Publish At:2020-01-08 16:50 | Read:327 | Comments:0 | Tags:Web threats credential stuffing EMV technology Magecart near

Spelevo exploit kit debuts new social engineering trick

2019 has been a busy year for exploit kits, despite the fact that they haven’t been considered a potent threat vector for years, especially on the consumer side. This time, we discovered the Spelevo exploit kit with its virtual pants down, attempting to capitalize on the popularity of adult websites to compromise more devices. The current Chromium-d
Publish At:2019-12-18 16:50 | Read:486 | Comments:0 | Tags:Threat analysis EK exploit kit Gozi malvertising Qakbot Qbot

Fake Elder Scrolls Online developers go phishing on PlayStation

A player of popular gaming title Elder Scrolls Online recently took to Reddit to warn users of a phish via Playstation messaging. This particular phishing attempt is notable for ramping up the pressure on recipients—a classic social engineering technique taken to the extreme. A terms of service violation? In MMORPG land, the scammers take a theoretically pla
Publish At:2019-12-06 16:50 | Read:647 | Comments:0 | Tags:Social engineering elder scrolls online ESO gamers gaming ga

Corporate security prediction 2020

Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020 Cybersecurity of connected healthcare 2020: Overview and predictions 5G technology predictions 2020 Cyberthreats to financial institutions 2020: Overview and predictions Moving to the cloud The popularity of cloud services is growing, and threat actors are here to exploit the trend. We
Publish At:2019-12-03 06:05 | Read:508 | Comments:0 | Tags:Kaspersky Security Bulletin Cloud Computing Cyber espionage

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud