HackDig : Dig high-quality web security articles for hacker

Miners on the Rise

Miners are a class of malware whose popularity has grown substantially this year. The actual process of cryptocurrency mining is perfectly legal, though there are groups of people who hoodwink unwitting users into installing mining software on their computers, or exploiting software vulnerabilities to do so. This results in threat actors receiving cryptocurr
Publish At:2017-09-12 13:30 | Read:182 | Comments:0 | Tags:Research Botnets Cryptocurrencies Malware Descriptions Socia

Dissecting the Chrome Extension Facebook malware

It’s been a few days since Kaspersky Lab’s blog post about the Multi Platform Facebook malware that was spread through Facebook Messenger. At the same time as Kaspersky Lab were analyzing this threat, a few researchers where doing the same, including Frans Rosén, Security Advisor at Detectify. After Frans saw David’s tweet about the blog po
Publish At:2017-08-31 14:55 | Read:185 | Comments:0 | Tags:Research Browser Plugins Google Chrome Social Engineering So

Spam and phishing in Q2 2017

Spam: quarterly highlights Delivery service Trojans At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The usual trick of present
Publish At:2017-08-22 09:10 | Read:183 | Comments:0 | Tags:Featured Quarterly Spam Reports Malicious spam Malware Descr

SMS Phishing induces victims to photograph its own token card

Renato Marinho detailed an unusual SMS phishing campaign that hit Brazilian users. All started with an SMS message supposedly sent from his bank. Introduction Today I faced quite an unusual SMS phishing campaign here in Brazil. A friend of mine received an SMS message supposedly sent from his bank asking him to update his registration data through the given
Publish At:2017-07-17 20:20 | Read:377 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking phishing SMS Ph

The Enemy Within: Identifying Insider Threats in Your Organization

Security professionals and managers are increasingly concerned that the leading information security risk to organizations comes from within. But despite the sinister overtones of this problem, insider threats are associated more with accidents and oversights than malicious actors. The danger is amplified by shortfalls in training and expertise, and the ch
Publish At:2017-06-22 11:35 | Read:534 | Comments:0 | Tags:Identity & Access Risk Management Critical Data Data Protect

Back to Basics: Six Simple Strategies to Strengthen Your Security Posture

Security threats can be scary, and the fear factor is understandable. Technological progress makes security a fast-moving target, with new and more sophisticated threats constantly emerging. The Internet of Things (IoT) is raising the stakes, putting the means of physical destruction in the hands of malicious actors. A sophisticated criminal underworld ecos
Publish At:2017-06-16 08:15 | Read:448 | Comments:0 | Tags:Risk Management Data Protection Passwords Patch Management S

Two Tickets as Bait

Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned Emirates, Air France, Aeroflot, S7 Airline, Eva Air, Turkish Airlines, Air Asia, Air India, and other companies. We cann
Publish At:2017-06-10 09:25 | Read:502 | Comments:0 | Tags:Phishing Fraud Social Engineering Social networks

Five Tips to Stay Safe on Social Media While Traveling

Oversharing your travel plans can put you, your colleagues, your corporate data systems, your property and even your loved ones at risk. Similarly, announcing to the world that your home is vacant obviously increases the odds of a break-in, so what happens to your corporate laptop or personal devices containing corporate data that you leave at home? Furthe
Publish At:2017-06-07 21:40 | Read:490 | Comments:0 | Tags:Risk Management Identity Theft Phishing Security Awareness S

Four New Cyberthreats on the CISO’s Radar

Enterprises today face new cyberthreats from many different vectors, including some that didn’t exist just a few years ago. Chief information security officers (CISOs) need to keep their eyes on the evolving ways their companies can be breached and close any gaps to minimize the damage. Four New Cyberthreats Facing CISOs 1. Ransomware The latest high
Publish At:2017-05-30 22:30 | Read:437 | Comments:0 | Tags:CISO Chief Information Security Officer (CISO) Cyberthreats

Spam and phishing in Q1 2017

Spam: quarterly highlights Spam from the Necurs botnet We wrote earlier about a sharp increase in the amount of spam with malicious attachments, mainly Trojan encryptors. Most of that spam was coming from the Necurs botnet, which is currently considered the world’s largest spam botnet. However, in late December 2016, the network’s activity almost
Publish At:2017-05-02 05:05 | Read:792 | Comments:0 | Tags:Analysis Featured Quarterly Spam Reports Malicious spam Malw

Personalized Spam and Phishing

Most spam, especially the sort that is mass-mailed on behalf of businesses, has quite an impersonal format: spammers create a message template for a specific mailing purpose and often drastically diversify the contents of that template. Generally, these kinds of messages do not personally address the recipient and are limited to common phrases such as “
Publish At:2017-04-19 08:45 | Read:897 | Comments:0 | Tags:Blog Phishing Social Engineering Spam Letters

Nine Security Practices That May Not Be Effective

We recently looked at nine security tips that go outside the box of conventional thinking. Along with thinking about security practices creatively, however, we need to be aware of the shortcomings that come with standard defensive and protective measures. InfoWorld recently published a report, titled “18 Surprising Tips for Security Pros,” that l
Publish At:2017-03-09 17:45 | Read:698 | Comments:0 | Tags:CISO Data Protection Best Practices Education Security Aware

TeamSpy Data-Stealing Malware at It Again with New Spam Campaign

Attackers have lots of ways of gaining access to a target’s information. One of their preferred attack vectors is exploiting careless end user behavior. This is especially true when it comes to users who don’t adequately protect their web accounts.For instance, bad actors targeted users of TeamViewer, software which allows IT professionals to gai
Publish At:2017-02-27 10:30 | Read:914 | Comments:0 | Tags:Cyber Security Featured Articles DLL Hijacking malware socia

Spam and phishing in 2016

The year in figures According to Kaspersky Lab, in 2016: The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015. 62.16% of spam emails were no more than 2 KB in size. 12.08% of spam was sent from the US. Trojan.Win32.Bayrob was the most popular malware family distributed via email. Germany (14.13%) was the countr
Publish At:2017-02-20 12:50 | Read:1331 | Comments:0 | Tags:Analysis Featured Kaspersky Security Bulletin Malicious spam

Mobile apps and stealing a connected car

The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. The case in point is not only multimedia systems (music, maps, and films are available on-board in modern luxury cars) but also car key systems in both literal and figurative senses. By using proprietary mobile apps, it is possible
Publish At:2017-02-16 21:30 | Read:928 | Comments:0 | Tags:Analysis Publications connected car Internet of Things Mobil


Share high-quality web security related articles with you:)


Tag Cloud