HackDig : Dig high-quality web security articles for hackers

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. Researchers from SentinelOne discovered new variants of the popular Agent Tesla Trojan that include new modules to steal credentials from applications including popular web browsers, VPN sof
Publish At:2020-08-12 14:03 | Read:179 | Comments:0 | Tags:Breaking News Cyber Crime Malware Agent Tesla Hacking hackin

WastedLocker: technical analysis

The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month, sometimes even more often. On July 23, Garmin, a major manufacturer of navigation equipment and smart devices, including smart watches and bracelets, experienced a massive service outage. As confirmed by an official stateme
Publish At:2020-07-31 07:08 | Read:107 | Comments:0 | Tags:Featured Malware descriptions Malware Descriptions Malware T

The Streaming Wars: A Cybercriminal’s Perspective

Cyber threats aren’t relegated to the world of big businesses and large-scale campaigns. The most frequent attacks aren’t APTs and massive data breaches—they’re the daily encounters with malware and spam by everyday users. And, one of the areas where we’re most vulnerable is entertainment—particularly when we’re so used to findi
Publish At:2020-07-16 08:05 | Read:127 | Comments:0 | Tags:Research Adware Cybercrime Malware Descriptions Malware Stat

Pig in a poke: smartphone adware

Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. In some cases, the solution is quite simple. In others, the task is far harder: the adware plants itself in the system partition, and trying to get rid of it can lead to device failure. In addition, ads can be emb
Publish At:2020-07-06 08:25 | Read:230 | Comments:0 | Tags:Featured Research advertising networks Adware Mobile Malware

Oh, what a boot-iful mornin’

In mid-April, our threat monitoring systems detected malicious files being distributed under the name “on the new initiative of the World Bank in connection with the coronavirus pandemic” (in Russian) with the extension EXE or RAR. Inside the files was the well-known Rovnix bootkit. There is nothing new about cybercriminals exploiting the coronav
Publish At:2020-06-23 08:00 | Read:240 | Comments:0 | Tags:Featured Malware descriptions Bootkit DLL hijacking Malware

Microcin is here

In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a diplomatic entity. What initially attracted our attention was the enterprise-grade API-like (application programming interface) programming style. Such an approach is not that common in the malware world and is mostly used by top
Publish At:2020-06-19 07:29 | Read:218 | Comments:0 | Tags:APT reports Featured Malware Descriptions Malware Technologi

xHelper: Android Trojan disguised as cleaning app on smartphones

An Android theft malware disguised as a cleanup application “xHelper” has spread to tens of thousands of smartphones with Google operating systems. Although the application has been around for about a year, security experts are now issuing a new warning. This is because it has proven to be very difficult to locate the malware and it is very costl
Publish At:2020-05-24 08:27 | Read:302 | Comments:0 | Tags:Business Malware News b2b Germany Trojan

IT threat evolution Q1 2020

Targeted attacks and malware campaigns. Operation AppleJeus: the sequel. In 2018, we published a report on Operation AppleJeus, one of the more notable campaigns of the threat actor Lazarus, currently one of the most active and prolific APT groups. One notable feature of this campaign was that it marked the first time Lazarus had targeted macOS targets, with t
Publish At:2020-05-24 07:11 | Read:249 | Comments:0 | Tags:Featured Malware reports Apple iOS Apple MacOS APT Data leak

Refocusing Cybersecurity Best Practices on Security Hygiene

While organizations around the world are rightly focused on the COVID-19 pandemic, the work of cybersecurity must continue. In fact, attackers often increase their efforts to breach networks and systems during times of trouble, counting on the chaos as a useful distraction. In such times, the best cybersecurity practices should actually refocus on the most b
Publish At:2020-05-24 06:18 | Read:347 | Comments:0 | Tags:CISO Antivirus Chief Information Security Officer (CISO) Cyb

QNodeService: Node.js Trojan Spread via Covid-19 Lure

Insights and Analysis by Matthew Stewart. We recently noticed a Twitter post by MalwareHunterTeam that showed a Java downloader with a low detection rate. Its name, “Company PLP_Tax relief due to Covid-19 outbreak CI+PL.jar”, suggests it may have been used in a Covid-19-themed phishing campaign. Running this file led to the download of a new, undetected malwa
Publish At:2020-05-18 12:48 | Read:378 | Comments:0 | Tags:Malware Node.js QNodeService Trojan

Cyberthreats on lockdown

Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, that
Publish At:2020-05-18 12:12 | Read:325 | Comments:0 | Tags:Research Credentials theft Cybercrime Phishing websites Rans

Trojans instead of holidays in Germany

Spam emails are currently being sent to citizens throughout Germany, supposedly from the Federal Ministry of Health. In these e-mails, the recipient is asked to view the modified application form for “family and sick leave”. The form is attached to the e-mail as a Word document. However, this file contains malware that loads the Trojan Trickbot,
Publish At:2020-05-03 10:16 | Read:545 | Comments:0 | Tags:Business Malware b2b Germany Phishing Trojan

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor (DoL). The spam leverages the Family and Medical Leave Act (FMLA), w
Publish At:2020-05-03 08:13 | Read:538 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Fraud

APT trends report Q1 2020

For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They a
Publish At:2020-05-03 08:09 | Read:324 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Chinese-speaking

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts of Latin America. This Trojan, which was created atop an existing, simpler SMSstealer.BR, was supplemented with more elaborate overlay capabilities. That portion o
Publish At:2020-04-21 06:45 | Read:755 | Comments:0 | Tags:Malware Mobile Security Android Android Malware Banking Malw
