HackDig : Dig high-quality web security articles for hackers

COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program

IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we observed threat actors targeting potential victims in Japan with coronavirus-rel
Publish At:2020-07-07 11:48 | Read:99 | Comments:0 | Tags:Advanced Threats Threat Intelligence Threat Research X-Force

Vulnerable Powerline Extenders Underline Lax IoT Security

Multiple vulnerabilities have been found in Tenda PA6 Wi-Fi Powerline extender, version 1.0.1.21. This device is part of Tenda’s PH5 Powerline Extender Kit and extends the wireless network through home’s existing electrical circuitry. The kit, in collaboration with X-Force Red, IBM Security’s team of hackers, aligns with the HomePlug AV2 technology and
Publish At:2020-06-25 14:07 | Read:146 | Comments:0 | Tags:Application Security Endpoint Software & App Vulnerabilities

German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign

During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutz
Publish At:2020-06-08 06:45 | Read:133 | Comments:0 | Tags:Incident Response Threat Intelligence Threat Research Phishi

Video Conferencing Security for Businesses Isn’t a New Issue, It Just Came Into Focus

With 316 million Americans being asked to stay at home during the COVID-19 pandemic and nearly half of the U.S. population still working from home, video conferencing has suddenly become a critical tool for businesses. In fact, tools for remote work have spiked 84 percent since February, with video conferencing platforms like Webex recently sharing that they
Publish At:2020-06-01 07:09 | Read:220 | Comments:0 | Tags:Threat Research remote workforce Access Management Authentic

What the Data Is Telling Us About the Current Rise in Security Threats During the COVID-19 Pandemic

The current pandemic has shown us what humanity stands for: kindness, care, sharing, giving and all the great values that we have as a global community, especially in hard times. In these times of need, there are multiple initiatives that are being driven by individuals and organizations alike asking for help — both in kind and cash. And, as one would expect
Publish At:2020-05-24 06:18 | Read:193 | Comments:0 | Tags:Network Threat Research Cyberattacks Cybercriminals Identity

Grandoreiro Malware Now Targeting Banks in Spain

During the past few months, IBM X-Force researchers have noticed a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise in campaigns prompted us to look into it further. Grandoreiro, a remote-overlay banking Trojan, has migrated to Spain without significant modification, proving that attackers
Publish At:2020-04-13 10:30 | Read:524 | Comments:0 | Tags:Malware Threat Research Banking Banking Malware Banking Troj

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:542 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

9 Best Practices from X-Force Red for Organizations and Employees

As employers rapidly respond to the need to protect their workforces from potential exposure and spread of the novel coronavirus, also known as COVID-19, many organizations are making the very difficult decision to pivot to a work-from-home model. This means employees will be connecting to corporate networks from whichever device is available: laptops, phone
Publish At:2020-03-18 16:57 | Read:494 | Comments:0 | Tags:Application Security CISO Data Protection Threat Intelligenc

IBM X-Force Threat Intelligence Cybersecurity Brief: Novel Coronavirus (COVID-19)

Global events such as the novel coronavirus (COVID-19) make all of us attractive targets for cybersecurity criminals. Whether it’s phishing emails or new targeted scams, these tactics are meant to take advantage of citizens who are understandably concerned about their safety and health during this challenging time. COVID-19 email exploits can deliver damagin
Publish At:2020-03-17 18:13 | Read:416 | Comments:0 | Tags:Advanced Threats Threat Intelligence Threat Research IBM X-F

How Zimperium’s z9 Detected Unknown Mobile Malware Overlooked by the AV Industry

Introduction Thousands of new malicious apps are being released for mobile devices every day. And thousands more variations of older malware are being released too. Unfortunately, many of these new/old threats are not being detected by the existing mobile malware technology. Organizations need next generation machine learning-based solutions that can effect
Publish At:2019-11-12 12:25 | Read:1030 | Comments:0 | Tags:Threat Research apps Enterprise Mobile and Security

The Unpatchable Checkra1n Exploit

Today, the “unpatchable” jailbreak known as  Checkra1n (Device Compatibility) was officially released and generally available. Checkra1n is unprecedented in potential impact with millions of devices at risk as a result of the extensive device and iOS targets. While this should concern anyone using any of the targeted devices or iOS versions, those using Zim
Publish At:2019-11-12 00:25 | Read:1072 | Comments:0 | Tags:Threat Research checkra1n exploit

The Day MegaCortex Ransomware Mayhem Was Averted

Averting cyberattacks planned out by aggressive threat actors is no easy feat for any organization, and much less for incident response (IR) teams who are usually called in after the attack has caused damage. IBM X-Force Incident Response and Intelligence Services (IRIS) analysts know this firsthand. The problem with this approach is that when an attack is a
Publish At:2019-10-18 10:20 | Read:852 | Comments:0 | Tags:Incident Response Malware Security Intelligence & Analytics

What exactly is a mobile ______ attack?

Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing traditional endpoints, very little has been invested to protect mobile device endpoints. Attackers work on the same model as any other business: where do they get the greatest return on their investment of
Publish At:2019-09-19 14:33 | Read:1192 | Comments:0 | Tags:Android App Security iOS Mobile Malware Mobile Security Mobi

Malicious Websites Put iOS Devices At Risk

In an excellent and deep blog analysis, Ian Beer of Google’s Project Zero outlines five separate iOS exploit chains that were found on a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iOS 0-day. (For another watering hole attack example, please see our recent blog,
Publish At:2019-09-19 14:33 | Read:1241 | Comments:0 | Tags:iOS Machine Learning Mobile Security Mobile Threat Defense T

The Clicking Bot Applications

Cyber crime, like any crime, has its motives; each malware has its own malicious profit. Spyware spies on you. Ransomware demands a ransom to decrypt your private digital data. Phishing Malware phishes for your username, password or account numbers. Installation-fraud achieves fake software installations. Ad fraud fraudulently represents online advertisement
Publish At:2017-11-07 10:45 | Read:73491 | Comments:2 | Tags:Analysts Android App Security Mobile Malware Threat Research

Announce

Share high-quality web security related articles with you:)

Tools