HackDig : Dig high-quality web security articles for hacker

Diving Into Zberp’s Unconventional Process Injection Technique

IBM X-Force Research recently discovered a small-scale malware campaign involving a Neutrino bot, aka Kasidet, dropping a payload that contains two Zeus malware breeds: Atmos and Zberp. Both of these codes are based on the leaked source code of the Zeus V2 banking Trojan that was exposed publicly in 2011. The Zberp Trojan, which is a subvariant of ZeusVM mix
Publish At:2017-10-22 05:01 | Read:155 | Comments:0 | Tags:Malware X-Force Research Banking Trojan Carberp Carberp sour

Cybercrime’s Cryptocurrency Gold Rush: Going Strong!

What’s the connection between cybercrime and cryptocurrencies? Perhaps it would suffice to say that the reasons for criminals adopting the cryptocoin are quite obvious. But when did this all start, and what fuels it and gets fueled in return? This blog will go over some of the historical reasons that connect cybercrime and cryptocurrency as well as exa
Publish At:2017-10-04 21:35 | Read:134 | Comments:0 | Tags:Fraud Protection Threat Intelligence Bitcoin Bitcoin Mining

POS Malware Breach Sees Payment Cards Hit Underground Shops

News about POS malware breaches affecting two retailers hit the headlines last week, this time featuring a fast-food restaurant chain in the U.S. that operates around 3,500 locations across the country, most of which are franchised, and a popular supermarket. Both entities, like others before them, were notified of suspicious activity by a third-party servic
Publish At:2017-10-04 03:05 | Read:246 | Comments:0 | Tags:Data Protection Fraud Protection Malware Retail Threat Intel

Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program

Risk management is the process of identifying, assessing and controlling threats to an organization. It is also a way to increase the security maturity of an organization. Risk management allows you to think about security more strategically and answer the questions that come from your company board, such as: How many times was the organization attacked? Is
Publish At:2017-10-03 08:40 | Read:274 | Comments:0 | Tags:CISO Incident Response Risk Management Incident Management I

Put Threat Intelligence Into Action With Security Apps

It’s now easier than ever to make threat intelligence from IBM X-Force Exchange actionable. Since its inception in 2015, X-Force Exchange has provided both granular indicators of compromise and higher-order intelligence through public collections to help shorten security investigations. A recent update to the X-Force Exchange collaborative platform no
Publish At:2017-09-27 22:45 | Read:74 | Comments:0 | Tags:Threat Intelligence X-Force Research IBM Security App Exchan

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple
Publish At:2017-09-21 19:15 | Read:208 | Comments:0 | Tags:Advanced Threats Cloud Security Data Protection Software & A

Network Attacks Containing Cryptocurrency CPU Mining Tools Grow Sixfold

Since we last reported on a version of the ELF Linux/Mirai malware containing cryptocurrency coin-mining tools in April, the IBM X-Force has noticed a steep increase in the volume of coin central processing unit (CPU) mining tools used in cyberattacks, specifically those targeting enterprise networks. According to IBM Managed Security Services (MSS) data,
Publish At:2017-09-19 12:00 | Read:141 | Comments:0 | Tags:Advanced Threats Security Services Threat Intelligence X-For

Raise the Red Flag: Guidelines for Consuming and Verifying Indicators of Compromise

Indicators of compromise (IoCs) are artifacts such as file hashes, domain names or IP addresses that indicate intrusion attempts or other malicious behavior. These indicators consist of: Observables — measurable events or stateful properties; and Indicators — observables with context, such as time range. IoCs are crucial for sharing threat information and
Publish At:2017-09-18 17:25 | Read:164 | Comments:0 | Tags:Fraud Protection Incident Response Cyberattacks Incident Res

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM
Publish At:2017-09-14 21:10 | Read:263 | Comments:0 | Tags:Advanced Threats Endpoint Threat Intelligence X-Force Resear

What Do Avocados and Threat Intelligence Have in Common?

Full disclosure: I would not eat guacamole for years because a certain puppet-centric movie I saw as a child had me convinced that it was actually made of frog brains. Once in college, however, seeing guacamole being made completely changed my opinion — unlike a sausage-making demonstration in a rather unfortunate public speaking class that same year of coll
Publish At:2017-09-13 08:20 | Read:236 | Comments:0 | Tags:Incident Response Threat Intelligence IBM X-Force Exchange I

Brazilian Malware Client Maximus: Maximizing the Mayhem

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an
Publish At:2017-09-12 13:50 | Read:176 | Comments:0 | Tags:Fraud Protection Malware Threat Intelligence Advanced Threat

A Basic Model to Measure SIEM Maturity

Every day, organizations rely on security information and event management (SIEM) solutions to protect, control and monitor their technology infrastructures. These platforms serve as early detection tools for security threats. But how can security professionals validate that their SIEM systems are properly configured and aligned with the organization’s
Publish At:2017-09-08 10:00 | Read:223 | Comments:0 | Tags:Data Protection Network Security Intelligence & Analytics Se

Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu
Publish At:2017-09-06 20:40 | Read:263 | Comments:0 | Tags:Advanced Threats Energy & Utility Threat Intelligence Energy

Know Your Data and Your Enemies: Establishing a Baseline for Proactive Threat Hunting

The purveyors of modern threats are not trying to simply deface your website or own your web server. These advanced attackers are attempting to siphon critical and sensitive data from your network over long periods of time, and do so undetected. Where Is Your Data? When threat hunting, at a minimum, you should know where your critical data is stored and how
Publish At:2017-09-06 20:40 | Read:302 | Comments:0 | Tags:Data Protection Incident Response Risk Management Security I

Seven Steps to Improve Your Security Operations and Response

It’s hard to escape the reality that every day, cyberthreats morph and expand, escalating the need to improve and tighten security operations and response practices. While it may feel overwhelming, there are ways to help level the playing field. Cognitive computing and machine learning are new technologies that can empower security practitioners to foc
Publish At:2017-09-05 09:35 | Read:165 | Comments:0 | Tags:CISO Cognitive Endpoint Incident Response Security Intellige

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud