HackDig : Dig high-quality web security articles for hacker

Expert disclosed 10 zero-day vulnerabilities in D-Link DIR 850L wireless routers

The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in D-Link DIR 850L routers and invites users to stop using them. The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in routers from networking equipment manufacturer D-Link that open owners to cyber attacks. The flawed devices are the
Publish At:2017-09-11 20:30 | Read:267 | Comments:0 | Tags:Breaking News Hacking backdoor D-Link DIR 850L wireless rout

ShadowPad in corporate networks

 ShadowPad, part 2: Technical Details (PDF) In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The partner, which is a financial institution, discovered the requests originating on systems involved in the processing of financial transactions. Further investigation showed that the sour
Publish At:2017-08-15 14:15 | Read:363 | Comments:0 | Tags:Featured Research Backdoor DNS Software supply-chain attack

Malware campaign targets Russian-Speaking companies with a new Backdoor

Trend Micro spotted a new espionage campaign that has been active for at least 2 months and that is targeting Russian-speaking firms with a new backdoor Security experts at Trend Micro have spotted a new cyber espionage campaign that has been active for at least two months and that is targeting Russian-speaking enterprises delivering a new Windows-based back
Publish At:2017-08-11 16:10 | Read:294 | Comments:0 | Tags:Breaking News Hacking Malware backdoor malware Russia Squibl

Backdoor-carrying Emails Set Sights on Russian-speaking Businesses

by Lenart Bermejo, Ronnie Giagone, Rubio Wu, and Fyodor Yarochkin  A malicious email campaign against Russian-speaking enterprises is employing a combination of exploits and Windows components to deliver a new backdoor that allows attackers to take over the affected system. The attack abuses various legitimate Windows components to run unauthorized scripts;
Publish At:2017-08-07 10:55 | Read:179 | Comments:0 | Tags:Exploits Malware backdoor CVE-2017-0199 JavaScript Powershel

Black Hat 2017 – GitPwnd tool could be used by attackers to communicate with compromised devices via Git repositor

Black Hat 2017 – Security experts develop GitPwnd, a tool that could be used by attackers to communicate with compromised devices via Git repositories. Even if the Black Hat conference was ended a few days ago, here we are discussing interesting talks of cyber security experts that participated at the event. Clint Gibler, a security researcher at NCC G
Publish At:2017-08-04 21:15 | Read:695 | Comments:0 | Tags:Breaking News Hacking backdoor cyber espionage GitHub GitPwn

CowerSnail, from the creators of SambaCry

We recently reported about SambaCry, a new family of Linux Trojans exploiting a vulnerability in the Samba protocol. A week later, Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. It was the common C&C server that both programs used – cl.ezreal.space:20480 – t
Publish At:2017-07-25 11:30 | Read:209 | Comments:0 | Tags:Research Backdoor malware description Windows

Android Backdoor GhostCtrl can Silently Record Your Audio, Video, and More

by Lenart Bermejo, Jordan Pan, and Cedric Pernet The information-stealing RETADUP worm that affected Israeli hospitals is actually just part of an attack that turned out to be bigger than we first thought—at least in terms of impact. It was accompanied by an even more dangerous threat: an Android malware that can take over the device. Detected by Trend Micro
Publish At:2017-07-17 08:20 | Read:202 | Comments:0 | Tags:Mobile android backdoor GhostCtrl OmniRAT

Honeypots and the Internet of Things

There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or ‘smart’ devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up o
Publish At:2017-06-19 09:35 | Read:373 | Comments:0 | Tags:Featured Research Backdoor Botnets DDoS-attacks honeypot Int

SambaCry is coming

Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for *nix-based systems – EternalRed (aka SambaCry). This vulnerability (CVE-2017-7494) relates to all versions of Samba, starting from 3.5.0, which was released in 2010, and was patched only in the latest versions of
Publish At:2017-06-10 04:35 | Read:480 | Comments:0 | Tags:Featured Research Backdoor Cryptocurrencies Vulnerabilities

APT32, a new APT group alleged linked to the Vietnamese Government is targeting foreign corporations

APT32 is a new APT group discovered by security experts at FireEye that is targeting Vietnamese interests around the globe. The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group. The hackers targeting organizations across multiple industries and have also targeted
Publish At:2017-05-16 09:30 | Read:580 | Comments:0 | Tags:APT Breaking News Hacking Intelligence APT32 backdoor cyber

BAIJIU Malware abuses Japanese Web hosting service to target North Korea

Security researchers from Cylance discovered a new fileless malware dubbed BAIJIU that was used to targets North Korea. Security experts believe the threat has a Chinese origin, attackers delivered it through a phishing campaign. “BAIJIU, which evades widespread detection, abuses global concern about the dire humanitarian situation in North Korea. It e
Publish At:2017-05-15 15:05 | Read:420 | Comments:0 | Tags:Breaking News Cyber Crime Hacking backdoor BAIJIU Malware cy

The massive attack against Israel was alleged launched by the Iranian OilRig APT group

According to the experts at the security firm Morphisec that massive attack against Israeli targets was powered by the OilRig APT group. Yesterday the Israeli Cyber Defense Authority announced it has thwarted a major cyberattack against 120 targets just days after harsh criticism of new cyber defense bill. In a first time, the authorities blamed a foreign
Publish At:2017-04-28 15:05 | Read:578 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence backdoo

Use of DNS Tunneling for C&C Communications

– Say my name. –! – You are goddamn right. Network communication is a key function for any malicious program. Yes, there are exceptions, such as cryptors and ransomware Trojans that can do their job just fine without using the Internet. However, they also require their victims to establish contact with the threat actor so they can
Publish At:2017-04-28 13:40 | Read:601 | Comments:0 | Tags:Blog Research Backdoor DNS Malware Descriptions Malware Tech

Unraveling the Lamberts Toolkit

Yesterday, our colleagues from Symantec published their analysis of Longhorn, an advanced threat actor that can be easily compared with Regin, ProjectSauron, Equation or Duqu2 in terms of its complexity. Longhorn, which we internally refer to as “The Lamberts”, first came to the attention of the ITSec community in 2014, when our colleagues from F
Publish At:2017-04-16 11:45 | Read:680 | Comments:0 | Tags:Blog Research Backdoor Malware Descriptions Targeted Attacks

The Winnti Gang continues its activity and leverages GitHub for C&C Communications

Trend Micro discovered the Chinese threat actor Winnti has been abusing GitHub service for command and control (C&C) communications. Security experts at Trend Micro continue to monitor the activities of the Chinese Winnti hacker group, this time the hackers have been abusing GitHub for command and control (C&C) communications. “Recently, the Wi
Publish At:2017-03-26 19:40 | Read:685 | Comments:0 | Tags:Breaking News Cyber Crime Hacking backdoor cyber espionage G


Share high-quality web security related articles with you:)


Tag Cloud