HackDig : Dig high-quality web security articles for hackers

IAmTheKing and the SlothfulMedia malware family

On October 1, 2020, the DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private reporting service, and we would like to provide the community with additional context. In June 2018, we published the first report on a n
Publish At:2020-10-15 07:50 | Read:112 | Comments:0 | Tags:APT reports Featured Backdoor Keyloggers Malware Description

Creepy covert camera “feature” found in popular smartwatch for kids

by Paul Ducklin If you nearly didn’t read this article because you thought the headline sounded unsurprising, like “Dinosaurs Still Extinct” or “Sun to Rise in East”… …then be aware that we nearly didn’t write it for the same reason. Bugs and vulnerabilities in built-down-to-a-price devices made for kids are, very
Publish At:2020-10-13 14:18 | Read:204 | Comments:0 | Tags:Android Privacy Vulnerability Backdoor smartwatch vulnerabil

Five Eyes nations plus India and Japan call for encryption backdoor once again

Members of the Five Eyes intelligence alliance once again call for tech firms to engineer backdoors into end-to-end and device encryption. States of the Five Eyes intelligence alliance (US, UK, Canada, Australia, and New Zealand), plus Japan and India, once again call for tech firms to implement backdoors into end-to-end and device encryption. “We, the
Publish At:2020-10-13 03:25 | Read:176 | Comments:0 | Tags:Breaking News Laws and regulations backdoor encryption Five

IT threat evolution Q2 2020

IT threat evolution Q2 2020. PC statistics IT threat evolution Q2 2020. Mobile statistics Targeted attacks PhantomLance: hiding in plain sight In April, we reported the results of our investigation into a mobile spyware campaign that we call ‘PhantomLance’. The campaign involved a backdoor Trojan that the attackers distributed via dozens of apps
Publish At:2020-09-03 16:30 | Read:462 | Comments:0 | Tags:Featured Malware reports Backdoor Exploit Kits Malware Descr

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. A China-linked APT group, tracked by Kaspersky as CactusPete (aka Karma Panda or Tonto Team), was observed using an updated backdoor in recent attacks targeting military and financial organiz
Publish At:2020-08-14 14:08 | Read:398 | Comments:0 | Tags:APT Breaking News Hacking Malware backdoor CatusPete hacking

CactusPete APT group’s updated Bisonal backdoor

CactusPete (also known as Karma Panda or Tonto Team) is an APT group that has been publicly known since at least 2013. Some of the group’s activities have been previously described in public by multiple sources. We have been investigating and privately reporting on this group’s activity for years as well. Historically, their activity has been foc
Publish At:2020-08-13 06:21 | Read:404 | Comments:0 | Tags:APT reports Featured Backdoor Data theft Malware Description

APT trends report Q2 2020

For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They
Publish At:2020-07-29 06:05 | Read:473 | Comments:0 | Tags:APT reports Featured APT Backdoor Chinese-speaking cybercrim

Kinda sorta weakened version of EARN IT Act creeps closer

by Lisa Vaas There are gut-churning tales of online child sexual abuse material (CSAM). Last week, when a bill designed to strip legal protection from online abusers sailed through the Senate Judiciary Committee, UC/Berkeley Professor Hany Farid passed on this example from investigators at the Department of Justice’s Child Exploitation and Obscenity Section:
Publish At:2020-07-08 08:00 | Read:370 | Comments:0 | Tags:Cryptography Government security Law & order #nobackdoors Ba

Chinese tax software bundled with GoldenSpy backdoor targets western companies

A new malware dubbed GoldenSpy is being distributed embedded in tax payment software that some businesses operating in China are required to install. GoldenSpy is a new backdoor that is being distributed embedded in tax payment software (the Aisino Intelligent tax software) that some businesses operating in China are required to install. The c
Publish At:2020-06-29 07:08 | Read:574 | Comments:0 | Tags:Breaking News Hacking Malware backdoor China GoldenSpy backd

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions
Publish At:2020-06-18 16:19 | Read:496 | Comments:0 | Tags:APT Breaking News Hacking Malware backdoor Gamaredon hacking

BazarBackdoor: A new gateway to corporate systems

In mid-March, the number of brute force attacks on RDP connections skyrocketed. The aim of these attacks was to take advantage of the sudden increase in remote workers and take over their corporate computers. Exploiting the current COVID-19 pandemic in this way is just one of the many techniques that cybercriminals have for gaining access to companies’
Publish At:2020-06-01 09:29 | Read:804 | Comments:0 | Tags:Business Malware advanced cybersecurity b2b backdoor spear p

New Turla ComRAT backdoor uses Gmail for Command and Control

Researchers uncovered a new advanced variant of Turla’s ComRAT backdoor that leverages Gmail’s web interface as C2 infrastructure. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ, which is a malware that was employed in past campaigns attributed to the Turla APT group. Earlier versions of A
Publish At:2020-05-26 12:23 | Read:626 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware backdoor hacking new

Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

By Raphael Centeno and Llallum Victoria With additional insights from Bren Matthew Ebriega Cybercriminals are taking advantage of “the new normal” — involving employees’ remote working conditions and the popularity of user-friendly online tools — by abusing and spoofing popular legitimate applications to infect systems with malicious routines. We found two m
Publish At:2020-05-24 07:47 | Read:417 | Comments:0 | Tags:Bad Sites Botnets Malware application backdoor botnet Devil

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited. Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we’ve decided to republish the following blog outlining our stance on the subject. Originally published
Publish At:2020-05-24 07:20 | Read:621 | Comments:0 | Tags:Government Privacy Security world backdoor Department of Jus

New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability

By Gabrielle Joyce Mabutas With additional insights/analysis from Kazuki Fujisawa A one-time password (OTP) system involves the use of a generated password that can only be used once to log in and access specific online services. Often managed by a third-party provider, this rolling password system aims to reduce unauthorized intrusions to systems via compro
Publish At:2020-05-18 12:48 | Read:489 | Comments:0 | Tags:Mac backdoor Lazarus RAT
