HackDig : Dig high-quality web security articles for hackers

Malicious npm packages spotted delivering njRAT Trojan

npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers’ computers. Security staff behind the npm repository removed two packages that were found containing the malicious code to install the njRAT remote access trojan (RAT) on computers of JavaScript and Node.js developers w
Publish At:2020-12-01 19:18 | Read:114 | Comments:0 | Tags:Breaking News Hacking Malware hacking news information secur

IT threat evolution Q3 2020. Non-mobile statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, in Q3: Kaspersky solutions blocked 1,416,295,227 attacks launched from online resources across the globe. 456,573,467 unique URLs were recognized as malicious by Web
Publish At:2020-11-20 07:18 | Read:150 | Comments:0 | Tags:Featured Malware reports Apple MacOS Financial malware Inter

IT threat evolution Q3 2020

Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required sig
Publish At:2020-11-20 06:07 | Read:99 | Comments:0 | Tags:Featured Malware reports Backdoor Exploit Kits Malware Descr

[SANS ISC] PowerShell Dropper Delivering Formbook

I published the following diary on isc.sans.edu: “PowerShell Dropper Delivering Formbook”: Here is an interesting PowerShell dropper that is nicely obfuscated and has anti-VM detection. I spotted this file yesterday, called ‘ad.jpg’ (SHA256:b243e807ed22359a3940ab16539ba59910714f051034a8a155cc2aff28a85088). Of course, it’s not
Publish At:2020-11-19 08:49 | Read:106 | Comments:0 | Tags:Malware SANS Internet Storm Center Security Obfuscation Powe

Advanced Threat predictions for 2021

Trying to make predictions about the future is a tricky business. However, while we don’t have a crystal ball that can reveal the future, we can try to make educated guesses using the trends that we have observed over the last 12 months to identify areas that attackers are likely to seek to exploit in the near future. Let’s start by reflecting on
Publish At:2020-11-19 06:20 | Read:190 | Comments:0 | Tags:Featured Kaspersky Security Bulletin APT Cybercrime Data lea

Lock and Code S1Ep19: Forecasting IoT cybersecurity with John Donovan and Adam Kujawa

This week on Lock and Code, we offer something special for listeners—a backstage pass to a cybersecurity training that we held for employees during Cybersecurity Awareness Month, which ended in October. The topic? The future of cybersecurity for the Internet of Things. Our guests, Chief Information Security Officer John Donovan and Security Evangelist
Publish At:2020-11-09 15:23 | Read:260 | Comments:0 | Tags:Podcast cybersecurity awareness month elections hacking hosp

RansomEXX Trojan attacks Linux systems

We recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems. After the initial analysis we noticed similarities in the code of the Trojan, the text of the ransom notes and the general approach to extortion, which suggested that we had in fact encountered a
Publish At:2020-11-06 11:47 | Read:185 | Comments:0 | Tags:Featured Malware descriptions Encryption Linux Malware Descr

New Emotet delivery method spotted during downward detection trend

Emotet, one of cybersecurity’s most-feared malware threats, got a superficial facelift this week, hiding itself within a fake Microsoft Office request that asks users to update Microsoft Word so that they can take advantage of new features. This revamped presentation could point to internal efforts by threat actors to increase Emotet’s hit rate—a possibil
Publish At:2020-10-28 18:41 | Read:244 | Comments:0 | Tags:Malwarebytes news botnet Edward Snowden emotet Microsoft Off

On the trail of the XMRig miner

As protection methods improve, the developers of miners have had to enhance their own creations, often turning to non-trivial solutions. Several such solutions (previously unseen by us) were detected during our analysis of the open source miner XMRig. How it all began: ransominer Alongside well-known groups that make money from data theft and ransomware (for
Publish At:2020-10-22 07:54 | Read:268 | Comments:0 | Tags:Featured Research Cryptocurrencies Financial malware Miner T

Life of Maze ransomware

In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Dozens of organizations have fallen victim to this vile malware, including LG, Southwire, and the City of Pensacola. The history of this ransomware began in the first half of 2019, and back then it didn’t have any dist
Publish At:2020-10-21 08:30 | Read:252 | Comments:0 | Tags:Featured Malware descriptions Cybercrime Data leaks Doxing E

Fake Windows Defender Antivirus Theme Used to Spread QBot

Digital attackers incorporated a fake Windows Defender Antivirus theme into a malicious document in order to distribute QBot malware. According to Bleeping Computer, the QBot gang began using a new template for their email attack campaigns’ malicious documents beginning on August 25, 2020. The template adopted the disguise of a Windows Defender Antivirus
Publish At:2020-10-13 09:43 | Read:240 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Qbot Tr

IT threat evolution Q2 2020

IT threat evolution Q2 2020. PC statistics IT threat evolution Q2 2020. Mobile statistics Targeted attacks PhantomLance: hiding in plain sight In April, we reported the results of our investigation into a mobile spyware campaign that we call ‘PhantomLance’. The campaign involved a backdoor Trojan that the attackers distributed via dozens of apps
Publish At:2020-09-03 16:30 | Read:649 | Comments:0 | Tags:Featured Malware reports Backdoor Exploit Kits Malware Descr

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. Researchers from SentinelOne discovered new variants of the popular Agent Tesla Trojan that include new modules to steal credentials from applications including popular web browsers, VPN sof
Publish At:2020-08-12 14:03 | Read:507 | Comments:0 | Tags:Breaking News Cyber Crime Malware Agent Tesla Hacking hackin

WastedLocker: technical analysis

The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month, sometimes even more often. On July 23, Garmin, a major manufacturer of navigation equipment and smart devices, including smart watches and bracelets, experienced a massive service outage. As confirmed by an official stateme
Publish At:2020-07-31 07:08 | Read:507 | Comments:0 | Tags:Featured Malware descriptions Malware Descriptions Malware T

The Streaming Wars: A Cybercriminal’s Perspective

Cyber threats aren’t relegated to the world of big businesses and large-scale campaigns. The most frequent attacks aren’t APTs and massive data breaches—they’re the daily encounters with malware and spam by everyday users. And, one of the areas where we’re most vulnerable is entertainment—particularly when we’re so used to findi
Publish At:2020-07-16 08:05 | Read:455 | Comments:0 | Tags:Research Adware Cybercrime Malware Descriptions Malware Stat