HackDig : Dig high-quality web security articles for hacker

Tampa Bay Times hit with Ryuk ransomware attack

Florida newspaper The Tampa Bay Times suffered a Ryuk ransomware attack Thursday, making it the latest major victim of the notorious ransomware family that continues to rise in popularity. Curiously, the paper is at least the third Florida-based Ryuk victim in the past year. The attack, which The Tampa Bay Times reported on itself, did not result in a
Publish At:2020-01-24 16:50 | Read:172 | Comments:0 | Tags:Ransomware Chicago Tribune CrowdStrike DCH Health System emo

[SANS ISC] Complex Obfuscation VS Simple Trick

I published the following diary on isc.sans.edu: “Complex Obfuscation VS Simple Trick“: Today, I would like to make a comparison between two techniques applied to malicious code to try to bypass AV detection. The Emotet malware family does not need to be presented. Very active for years, new waves of attacks are always fired using different in
Publish At:2020-01-23 08:20 | Read:90 | Comments:0 | Tags:Malware SANS Internet Storm Center Security Emotet Maldoc Ob

A week in security (January 13 – 19)

Last week on Malwarebytes Labs, we taught you how to prevent a rootkit attack, explained what data enrichment means, informed you about new rules on deepfakes in the US, and demonstrated how backdoors in elastic servers expose private data. Other cybersecurity news An online group of cybersecurity analysts calling themselves Intrusion Truth have revea
Publish At:2020-01-20 16:50 | Read:242 | Comments:0 | Tags:A week in security apt40 Cisco citrix data enrichment deepfa

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be said about the last decade in cybersecurity fails. What kic
Publish At:2019-12-19 16:50 | Read:255 | Comments:0 | Tags:Awareness ashley madison ashley madison hack BadRabbit cambr

Threat spotlight: The curious case of Ryuk ransomware

Ryuk. A name once unique to a fictional character in a popular Japanese comic book and cartoon series is now a name that appears in several rosters of the nastiest ransomware to ever grace the wild web. For an incredibly young strain—only 15 months old—Ryuk ransomware gaining such notoriety is quite a feat to achieve. Unless the threat actors behind its
Publish At:2019-12-12 21:50 | Read:523 | Comments:0 | Tags:Threat spotlight AES average ransom amount BitPaymer BitPaym

Labs report finds cyberthreats against healthcare increasing while security circles the drain

The team at Malwarebytes Labs is at it again, this time with a special edition of our quarterly CTNT report—Cybercrime tactics and techniques: the 2019 state of healthcare. Over the last year, we gathered global data from our product telemetry, honeypots, threat intelligence, and research efforts, focusing on the top threat categories and families that plagu
Publish At:2019-11-13 09:50 | Read:310 | Comments:0 | Tags:Reports APIs biotech EHR electronic health record emotet hea

A week in security (September 23 – 29)

Last week on Labs, we highlighted an Emotet campaign using Snowden’s new book as a lure, discussed how 15,000 webcams are vulnerable to attack, how insurance data security laws skirt political turmoil, and how the new iOS exploit checkm8 allows permanent compromise of iPhones. Other cybersecurity news Google said its quantum computer outperformed conv
Publish At:2019-09-30 23:20 | Read:518 | Comments:0 | Tags:A week in security ccleaner checkm8 doordash emotet ihandy i

A week in security (September 16 -22)

Last week on Labs, we sounded the alarm about the relaunch of Emotet, one of the year’s most dangerous forms of malware, with a new spam campaign. We also reported on how international students in UK are targeted by visa scammers, what CEOs think about a potential US data privacy law, and introduced Malwarebytes Browser Guard. Finally, we looked at the
Publish At:2019-09-23 23:25 | Read:680 | Comments:0 | Tags:A week in security amazon Browser guard data destruction edu

Emotet malspam campaign uses Snowden’s new book as lure

Exactly one week ago, Emotet, one of the most dangerous threats to organizations in the last year, resumed its malicious spam campaigns after several months of inactivity. Based on our telemetry, we can see that the botnet started becoming chatty with its command and control servers (C2), about a week or so before the spam came through. Figure 1: Communic
Publish At:2019-09-23 23:25 | Read:693 | Comments:0 | Tags:Botnets botnet botnets Edward Snowden emotet macros malspam

Emotet is back: botnet springs back to life with new spam campaign

After a fairly long hiatus that lasted nearly four months, Emotet is back with an active spam distribution campaign. For a few weeks, there were signs that the botnet was setting its gears in motion again, as we observed command and control (C2) server activity. But this morning, the Trojan started pumping out spam, a clear indication it’s ready to jum
Publish At:2019-09-20 11:20 | Read:622 | Comments:0 | Tags:Botnets botnet botnets downloader emotet information stealer

Emotet at Heise, Emotet there, Emotet everywhere – Dissection of an Incident

After the Emotet Incident at Heise, where ERNW has been consulted for Incident Response, we decided to start a blogpost series, in which we want to regularly report on current attacks that we observe. In particular we want to provide details about the utilized pieces of malware, different stages, and techniques used for the initial infection and lateral move
Publish At:2019-09-19 17:15 | Read:379 | Comments:0 | Tags:Misc emotet heise incident incident analysis malware

A Follow-Up on the Heisec Webinar on Emotet & Some Active Directory Security Sources

Some weeks ago, Heinrich and I had the pleasure to participate in the heisec-Webinar “Emotet bei Heise – Lernen aus unseren Fehlern”. We really enjoyed the webinar and the (alas, due to the format: too short) discussions and we hope we could contribute to understand how to make Active Directory implementations out there a bit safer in the f
Publish At:2019-09-19 17:15 | Read:288 | Comments:0 | Tags:Misc Active Directory emotet heise incident

Secret Service Investigates Breach at U.S. Govt IT Contractor

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner
Publish At:2019-09-19 16:10 | Read:366 | Comments:0 | Tags:Data Breaches Dana Deasy Emotet Hold Security Julius Patters

EMOTET Returns, Starts Spreading via Spam Botnet

We first detected the banking malware EMOTET back in 2014, we looked into the banking malware’s routines and behaviors and took note of its information stealing abilities via network sniffing. After a period of relative inactivity, it appears it’s making a comeback with increased activity from new variants (Detected by Trend Micro as TSPY_EMOTET.AUSJLA
Publish At:2017-09-07 22:45 | Read:4928 | Comments:0 | Tags:Botnets Malware botnet EMOTET Trojan

Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game

By Alice Decker, Jasen Sumalapao, and Gilber Sison In early December, GoldenEye ransomware  (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, GoldenEy
Publish At:2016-12-30 08:05 | Read:3343 | Comments:0 | Tags:Malware Ransomware Spam CERBER DRIDEX EMOTET GoldenEye Misch

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud