HackDig : Dig high-quality web security articles for hacker

Phishing – Ask and ye shall receive

During penetration tests, our primary goal is to identify the difference in paths that can be used to obtain the goal(s) as agreed upon with our customers. This often succeeds due to insufficient hardening, lack of awareness or poor password hygiene. Sometimes we do get access to a resource, but do not have access to the username or password of the user that
Publish At:2019-09-19 23:30 | Read:39 | Comments:0 | Tags:audits Blog pentest Uncategorized

Your trust, our signature

Written and researched by Mark Bregman and Rindert Kramer Sending signed phishing emails Every organisation, whatever its size, will encounter phishing emails sooner or later. While the number of phishing attacks is increasing every day, the way in which phishing is used within a cyber-attack has not changed: an attacker comes up with a scenario which looks
Publish At:2019-09-19 23:30 | Read:45 | Comments:0 | Tags:audits Blog pentest Uncategorized email hacking phishing

Identifying Cobalt Strike team servers in the wild

How an anomalous space led to fingerprinting Summary On the 2nd of January 2019 Cobalt Strike version 3.13 was released, which contained a fix for an “extraneous space”. This uncommon whitespace in its server responses represents one of the characteristics Fox-IT has been leveraging to identify Cobalt Strike Servers, with high confidence, for the
Publish At:2019-09-19 23:30 | Read:25 | Comments:0 | Tags:Threat Intelligence Uncategorized

mkYARA – Writing YARA rules for the lazy analyst

Writing YARA rules based on executable code within malware can be a tedious task. An analyst cannot simply copy and paste raw executable code into a YARA rule, because this code contains variable values, such as memory addresses and offsets. The analyst has to disassemble the code and wildcard all the pieces in the code that can change between samples. mkYAR
Publish At:2019-09-19 23:30 | Read:34 | Comments:0 | Tags:Threat Intelligence Uncategorized reverse-engineering YARA

The Concerns About Cyber Security Matter to Take Notice for the Rest of 2019

If you are a desktop user, you probably think that using a service such as Avira or Avast is enough to safeguard your information from attacks. You are so far from being genuinely safe with this type of software that is almost sweet to believe that these tools can adequately protect your personal data. The internet is still a scary place for many people and
Publish At:2019-09-19 16:35 | Read:64 | Comments:0 | Tags:Uncategorized

2,440 Websites Have Been Affected by JS-Sniffers

An international anti-cyberattack company called Group-IB has issued a report which investigates JavaScript Sniffers at length. In case you’re wondering, JavaScript sniffers are a special kind of malware that’s very efficient at stealing customer payment data directly from online stores. Currently, JS-sniffers can be found in over 2,440 e-commerce stores, wh
Publish At:2019-09-19 16:35 | Read:68 | Comments:0 | Tags:Uncategorized

How to Hack Facebook Account – 2019 Working Methods

They say that hacking is one of the most frowned upon processes to take part in, and while that may be true, there are plenty of people out there hacking for the “greater good”. All of the information that you’ll be reading through within this article is to be used for personal use only – this is merely a way to go about retrieving an account that you&
Publish At:2019-09-19 16:35 | Read:25 | Comments:0 | Tags:Uncategorized

The Qrypter Payload Malware Has Been Finally Decrypted

This article is about findings from Cybaze-Yoroi ZLAB’s discovery and the dissection of new Qrypter malware and its resulting evolution. It all started with Yoroi’s discovery of a few malicious emails during routine monitoring in the past few weeks. Upon finding these emails, the Yoroi team sent them to certain organizations and found that the malware was ta
Publish At:2019-09-19 16:35 | Read:51 | Comments:0 | Tags:Uncategorized

How to Check if My WhatsApp is Hacked & Steps to Fix it (2019 Methods)

If you are wondering if your WhatsApp account is safe, don’t worry, you are not the only one. A lot of people share the uncertainty of using the service as their main communication service for fear of being spied or because someone might gain access to it. Let’s clear the air about the purpose of this article. You probably landed here because you have conce
Publish At:2019-09-19 16:35 | Read:10 | Comments:0 | Tags:Uncategorized

Government Malware Going by the Name of Exodus Has Affected Thousands of Users

News just in; security experts have just discovered a new government spyware called Exodus which infiltrates user software using the Google Play Store. The Security without Borders organization has a team of dedicated security researchers and advisors who conducted an analysis of this threat. It was revealed through this organization that this government spy
Publish At:2019-09-19 16:35 | Read:52 | Comments:0 | Tags:Uncategorized

WMI: Some persistence idea’s

A few weeks ago I saw a tweet by @SwiftOnSecurity about a blogpost describing the “yeabest.cc” malware. Yeabests[dot]cc malware uses a hidden WMI subscription to constantly re-infect Internet Explorer/Chrome shortcutshttps://t.co/ezyUDBfMot — SwiftOnSecurity (@SwiftOnSecurity) April 25, 2016 The malware used wmi for persistence, it ran a
Publish At:2019-09-19 14:50 | Read:42 | Comments:0 | Tags:Uncategorized

Shortcuts: another neat phishing trick

Recently I read a blog about a Locky campaign using windows shortcut files to infect users. The microsoft blog describes a large scale phishing attack send Windows shortcut files in zip archives. For more inforamtion see: The TechNet blog.. The trick revolves around the fact that cmd.exe and powershell.exe both allow for commands passed via arguments. Creati
Publish At:2019-09-19 14:50 | Read:20 | Comments:0 | Tags:Uncategorized

YET ANOTHER APT34 / OILRIG LEAK, QUICK ANALYSIS

Yesterday various tools, documentation and intel was dropped on Telegram. Another quick analysis can be found on https://misterch0c.blogspot.com/2019/04/apt34-oilrig-leak.html the blog describes Poisonfrog and the HighShell and HyperShell webshells. This blog looks at another webshell (“base.aspx.txt”) that’s included in the dump. It caug
Publish At:2019-09-19 14:50 | Read:61 | Comments:0 | Tags:Uncategorized

Fake Snapchat in Google Play Store

Introduction   Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for “Snapchat”. The fake version of Snapchat app is using “Snap Inc .” as Company Name, with a  ” .” appended to original name. Fake
Publish At:2017-08-11 02:50 | Read:4281 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

Hackshit PhaaS platform, even more easy to power Phishing campaigns

The experts from Netskope Threat Research Labs discovered the Hackshit PhaaS platform, another interesting case of crimeware-as-a-service. A few days ago, we discussed the Katyusha scanner,a powerful and fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future that was available for $500 in the cyber crime undergr
Publish At:2017-07-16 07:30 | Read:3660 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Uncategorized crimeware-as

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud