HackDig : Dig high-quality web security articles

Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing?

For threat actors, phishing embodies the holy trinity of goals: easy, effective and profitable. It’s no wonder that the 2022 X-Force Threat Intelligence Index reports that phishing was the top method used by attackers to breach an organization. Of all the attacks that X-Force remediated in 2021, attackers used phishing in 41% of them. Because phishing
Publish At:2022-08-05 09:12 | Read:165 | Comments:0 | Tags:Risk Management Threat Intelligence what is phishing barrel

Ransomware review: July 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. In July, LockBit maintained the place it has occupied all year as the most active ransom
Publish At:2022-08-04 20:01 | Read:306 | Comments:0 | Tags:Threat Intelligence 0mega BianLian BlackBasta Cheers conti h

Woody RAT: A new feature-rich malware spotted in the wild

This blog post was authored by Ankur Saini and Hossein Jazi. The Malwarebytes Threat Intelligence team has identified a new Remote Access Trojan we are calling Woody Rat that has been in the wild for at least one year. This advanced custom Rat is mainly the work of a threat actor that targets Russian entities by using lures in archive file format and mo
Publish At:2022-08-03 20:01 | Read:189 | Comments:0 | Tags:Threat Intelligence APT Follina rat russia woody Rat

What’s New in the 2022 Cost of a Data Breach Report

The average cost of a data breach reached an all-time high of $4.35 million this year, according to the newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020. New research in this year’s report also reveals for the first time that 83% of organizations in the study have experienced more than one data br
Publish At:2022-07-27 05:13 | Read:337 | Comments:0 | Tags:Zero Trust Intelligence & Analytics Artificial Intelligence

Top 5 Security Trends this Summer: RSA Conference & Black Hat 2022

The RSA Conference 2022 – one of the world’s premier IT security conferences – was held June 6th-9th in San Francisco. The first in-person event for RSA since the global pandemic had a slightly lower turnout than in years past (26,000 compared to 36,000 attendees). But attendees and presenters alike made up for it with their eagerness to explore emerging IT
Publish At:2022-07-25 19:21 | Read:317 | Comments:0 | Tags:Business + Partners Threat Intelligence cyber resilience inf

U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack

More than a year ago, a ransomware attack made the news across the nation. The Colonial Pipeline Company announced on May 7, 2021, that the DarkSide Ransomware-as-a-Service group, based in eastern Europe, had hit it. The FBI has since confirmed DarkSide, which has since shut down, as the threat actors. What’s changed about U.S. cyber policy since then
Publish At:2022-07-25 09:11 | Read:292 | Comments:0 | Tags:Government Incident Response Threat Intelligence cybersecuri

20 Years Ago in Cybersecurity: Massive DDoS Attack Hits the Roots of the Internet

It was considered the “largest ever” internet attack in 2002. This distributed denial of service attack hit seven of the 13 servers at the top of the internet’s domain name system hierarchy. Now, 20 years later, its origins remain mysterious, but its methods and size still make it stand out. It isn’t the largest by the numbers anymor
Publish At:2022-07-21 13:09 | Read:196 | Comments:0 | Tags:Risk Management Threat Intelligence cyber attacks cybersecur

Google ads lead to major malvertising campaign

Fraudsters have long been leveraging the shady corners of the internet to place malicious adverts, leading users to various scams. However, every now and again we see a campaign that goes mainstream and targets some of the world’s top brands. Case in point, we recently uncovered a malvertising chain abusing Google’s ad network to redirect visi
Publish At:2022-07-20 20:00 | Read:270 | Comments:0 | Tags:Threat Intelligence Google malvertising scam tech support

What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’

After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations recently in 16 countries, including in Ukraine, as part of a policy set in 2018. This policy involves partnering with foreign countri
Publish At:2022-07-15 13:09 | Read:358 | Comments:0 | Tags:Threat Hunting Threat Intelligence ukraine cyber attacks eth

Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign

This blog was authored by Roberto Santos and Hossein Jazi. The Malwarebytes Threat Intelligence team recently reviewed a series of cyber attacks against Ukraine that we attribute with high confidence to UAC-0056 (AKA UNC2589, TA471). This threat group has repeatedly targeted the government entities in Ukraine via phishing campaigns following the same
Publish At:2022-07-13 16:02 | Read:387 | Comments:0 | Tags:Threat Intelligence cobalt strike cobaltstrike UAC-0056 UNC2

5 Essential Steps for Every Ransomware Response Plan

This post was written with contributions from Andrew Gorecki, Camille Singleton and Charles DeBeck. May and June bring warm weather, backyard barbecues and, in recent years, an uptick in ransomware attacks. Why? “It’s possible workers are distracted because the sun is out and kids are out of school,” said Charles DeBeck, a former senior st
Publish At:2022-07-12 17:19 | Read:334 | Comments:0 | Tags:Cloud Security Data Protection Incident Response Threat Inte

Endpoint Detection and Response: How To Choose the Right EDR Solution

A rise in remote work trends has led to a rapid increase and interconnectivity of endpoints and data in recent years. This ‘next normal’ way of working comes with its own set of security challenges – from the rise in sophisticated and automated attacks to an increase in the sheer volume of alerts that security analysts must investigate. Cy
Publish At:2022-07-07 13:09 | Read:354 | Comments:0 | Tags:Endpoint Threat Intelligence endpoint detection Artificial I

Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine

Following ongoing research, our team, IBM Security X-Force, has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine. Between mid-April and mid-June of 2022 the
Publish At:2022-07-07 07:06 | Read:703 | Comments:0 | Tags:Intelligence & Analytics Malware Security Services Threat In

Ransomware review: June 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. In June, LockBit was the most active ransomware, just as it has been all year. The month
Publish At:2022-07-01 20:00 | Read:854 | Comments:0 | Tags:Threat Intelligence ALPHV conti Karakurt lockbit ransomware

Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine

This blog post was authored by Hossein Jazi and Roberto Santos. In a recent campaign, APT28, an advanced persistent threat actor linked with Russian intelligence, set its sights on Ukraine, targeting users with malware that steals credentials stored in browsers. APT28 (also known as Sofacy and Fancy Bear) is a notorious Russian threat actor that has be
Publish At:2022-06-21 13:00 | Read:770 | Comments:0 | Tags:Threat Intelligence

