HackDig : Dig high-quality web security articles for hackers

Carbon Emissions: Oversharing Bug Puts Security Vendor Back in Spotlight

Last week, security firm DirectDefense came under fire for over-hyping claims that Cb Response, a cybersecurity product sold by competitor Carbon Black, was leaking proprietary data from customers who use it. Carbon Black responded that the bug identified by its competitor was a feature, and that customers were amply cautioned in advance about the potential
Publish At:2017-08-18 22:55 | Read:3877 | Comments:0 | Tags:Other Amazon Macie Carbon Black DirectDefense Mike Viscuso s

See Our Threat Analysis of University College London Ransomware Attack

Ransomware has hit the news again in the UK today only a few short weeks since the WannaCry outbreak crippled the National Health Service. This time University College London (UCL) was hit by a ransomware strain which has resulted in them having to take down parts of their network to stop infected machines harming key university data. Credit to UCL for what
Publish At:2017-06-16 17:15 | Read:5788 | Comments:0 | Tags:Breaking News Threats analysis anti-virus browsing cause det

Process Explorer: An introduction

When Microsoft acquired Sysinternals in 2006, one of the most famous tools it gained was Process Explorer. For Windows operating systems (OS), especially those up to and including Windows 7, Process Explorer is an excellent replacement for Task Manager. It offers a much clearer view of what is going on and has a lot more options. Besides the options the regu
Publish At:2016-05-03 22:35 | Read:5302 | Comments:0 | Tags:101 How-tos malware Pieter Arntz process explorer sysinterna

What’s in a name?

Any time a malware variant hits the news we get numerous requests for information. It is typically quite difficult to provide any information based on names that have been given to threats. A simple way to illustrate this is by using a service such as Virustotal and seeing what name other AV companies use for the same threat. I found a recent article about a
Publish At:2015-12-02 19:30 | Read:8971 | Comments:0 | Tags:Threat Research Malware name virustotal

Stealthy GlassRAT Spies on Commercial Targets

A remote access Trojan used sparingly in targeted attacks has been found after living under cover for three years, undetected by most security gear. The RAT, dubbed GlassRAT, was signed with a certificate belonging to a popular Chinese software company with hundreds of millions of users worldwide. The RAT was used to spy on Chinese nationals working in commer
Publish At:2015-11-24 04:35 | Read:3632 | Comments:0 | Tags:Malware cyberespionage Espionage malware GlassRAT Kent Backm

VirusTotal Now Scans Mac Apps for Malware in a Sandbox

VirusTotal, a popular online file scanning service that analyzes files and URLs for the identification of malware, is now executing suspicious Mac apps inside a sandbox to improve its analysis and detection of Mac malware. VirusTotal now extracts behavioral information from scanned Mac executable files, an important step forward for the Google-owned file sca
Publish At:2015-11-20 01:30 | Read:4507 | Comments:0 | Tags:Security News antivirus apps Google Mac malware OS X Sandbox

VirusTotal Adds Sandbox Execution for OS X Apps

Mac malware is a thing. It’s real. Granted it hasn’t reached the critical mass of malicious code for Windows, but recent encounters with WireLurker, XcodeGhost and YiSpecter among others have elevated the conversation to levels where it’s been legitimized. Adding further credence, Google-owned online malware scanner VirusTotal this week anno
Publish At:2015-11-19 16:05 | Read:3266 | Comments:0 | Tags:Apple Google Malware Web Security apple google Mac OS X Malw

Integrating VirusTotal within ELK

[This blogpost has also been published as a guest diary on isc.sans.org] Visualisation is key when you need to keep control of what’s happening on networks which carry tons of malicious files daily. virustotal.com is a key player in fighting malware on a daily basis. Not only can you submit and search for samples on their website, but they also prov
Publish At:2015-07-28 16:45 | Read:4252 | Comments:0 | Tags:ELK Security Malware Software Virustotal Virus

Anthem Breach May Have Started in April 2014

Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion. The Wall Street Journal reported la
Publish At:2015-02-09 23:25 | Read:6198 | Comments:0 | Tags:Other Axiom Citrix CrowdStrike Deep Panda DTOPTOOLZ Co. Grou

Automatic MIME Parts Scanning with VirusTotal

Here is a Python script that I developed for my personal use: mime2vt.py. I decided to release it because I think it could be helpful for many of you. In 2012, I started a project called CuckooMX. The goal was to automatically scan attachments in emails with Cuckoo to find potential malicious files. Unfortunately, the project never reached a milestone to
Publish At:2014-12-15 15:45 | Read:4704 | Comments:0 | Tags:ELK Security Attachments Mail MIME Python Tool Virustotal Vi

Analyze VirusTotal Metadata to profile hackers

An independent researcher has for years analyzed the metadata on submissions to the VirusTotal service, identifying patterns related to many bad actors. VirusTotal is the Google-owned company which offers free checking of URLs and files for viruses and other malicious code; its systems use up to 54 different antivirus software to s
Publish At:2014-09-04 08:40 | Read:5170 | Comments:0 | Tags:Cyber Crime Cyber warfare Hacking APT1 China cyber espionage

