HackDig : Dig high-quality web security articles

Raccoon Stealer returns with a new bag of tricks

The popular malware Raccoon stealer, which suspended operations after a developer allegedly died in the Ukraine invasion, has returned. Raccoon stealer is malware as a service, with the developers selling it to would-be users. The operation is a tightly-run ship, to the extent that customers have digital signatures tied to their executables. If files end
Publish At:2022-06-30 11:52 | Read:469 | Comments:0 | Tags:Cybercrime data theft exfiltration malware malware as a serv

Apple AirTag hacked again – free internet with no mobile data plan!

by Paul Ducklin. Earlier this week we wrote about a jailbreak hack against Apple’s newly introduced AirTag product. In that story, the researcher @ghidraninja was able to modify the firmware on the AirTag itself, despite the anti-tampering protection implemented by Apple’s own AirTag firmware programming. But this “attack” (if that is the
Publish At:2021-05-25 12:52 | Read:1682 | Comments:0 | Tags:Apple AirTag exfiltration hack

Insider threats: If it can happen to the FBI, it can happen to you

If you’re worried about the risk of insider threats, you’re not alone. It can affect anyone, even the FBI. A federal grand jury has just charged a former intelligence analyst with stealing confidential files from 2004 to 2017. That’s an incredible 13 years of “What are you doing with that pile of classified material?”. Even more so, considering the indictmen
Publish At:2021-05-25 10:39 | Read:1661 | Comments:0 | Tags:Privacy compromise data exfiltration fbi insider threat FBI

The MITRE ATT&CK Framework: Exfiltration

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage. Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an attacker exfiltrating da
Publish At:2020-05-27 05:35 | Read:3062 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK exfiltration MITRE

DNS exfiltration case study

Lately, we came across a remote code execution in a Tomcat web service by utilizing Expression Language. The vulnerable POST body field expected a number. When sending ${1+2} instead, the web site included a Java error message about a failed conversion to java.lang.Long from java.lang.String with value "3". From that error message we learned a couple of thin
Publish At:2020-03-04 10:31 | Read:2811 | Comments:0 | Tags:Breaking Building DNS Dora Exfiltration

Hackers Stole Data and Personal Information from Nuclear Research Center

Hackers stole nuclear research data and personal information off of a computer at the University of Toyama’s Hydrogen Isotope Research Center. According to university officials, the hackers posed as a Tokyo university student to deliver a malware-laden document to a teaching member at the center, which conducts research on hydrogen, deuterium, and tritium for
Publish At:2016-10-18 17:25 | Read:6645 | Comments:0 | Tags:Latest Security News data exfiltration hackers IAEA nuclear

Malware stealing gigabytes of your data as seen by Cognitive Threat Analytics

This post is authored by Gayan de Silva and Martin Pospisil. Overview: Recently, about 50 users across 20 companies were alarmed by the Cisco Cognitive Threat Analytics (CTA) about a malware that exfiltrates gigabytes of data from their computers. An example of such CTA detection: In addition to the usual malware command and control activities, the incident feat
Publish At:2015-12-15 04:45 | Read:4981 | Comments:0 | Tags:Security Cognitive Threat Analytics exfiltration malware

Monitoring The Unknown

File Integrity Monitoring (FIM) has been around for a long time. In fact, Tripwire has been a pioneer in FIM since the early 1990s when Gene Kim released the first version of Tripwire. Monitoring for change enables you to know what changes were made, who made the changes, and the changes that occurred. This allows you to easily roll back to a known good conf
Publish At:2015-12-10 17:15 | Read:6058 | Comments:0 | Tags:Tripwire News auto-monitor exfiltration File Integrity Monit

Lies, damned lies and statistics*

Posted by David Harley on July 29, 2015. I’m indebted to Clearswift (by way of the Register) for providing me with essential statistics on how much it would cost me to bribe someone to give me their company’s proprietary and customer data. Ap
Publish At:2015-07-30 05:50 | Read:5246 | Comments:0 | Tags:David Harley bribery exfiltration statistics surveys

Hacking the hackers : A cyber resilience approach

A cyber resilience approach: the need to become cyber resilient is very essential because eliminating risks completely is impossible. Hacking emerged as a geeky, tech-oriented culture that was a little mischievous, but ultimately was about programming and finding faults or bugs in the code. It has evolved over time to become a
Publish At:2015-03-02 18:00 | Read:6398 | Comments:0 | Tags:Breaking News Hacking Security Cyber Resilience cyber securi

Ali Baba, the APT group from the Middle East

Adrian Nish of BAE Systems presented the results of its investigation on the Ali Baba APT group operating from the Middle East that hit Western companies. Yesterday the Kaspersky Lab team revealed the results of its investigation on the hacking crew dubbed the Equation group, a team of hackers that demonstrate extraordinary cap
Publish At:2015-02-19 14:15 | Read:7329 | Comments:0 | Tags:Breaking News Cyber Crime Malware Ali Baba Ali Baba APT APT

Academics Use Siri to Move Secrets Off Jailbroken iOS Devices

Attackers living on any network are all about one thing: persistence. They want to get on quietly and stay on quietly. But what about moving stolen data off a network? How quiet can that be? Two researchers believe they’ve figured out a way to combine Siri, Apple iOS’ native voice-activated service, and tenets of steganography to sneak data from j
Publish At:2015-01-21 01:30 | Read:5627 | Comments:0 | Tags:Apple Vulnerabilities data exfiltration exfiltration informa

Basic Data Exfiltration

So you pwned the system and got root access, awesome but what's next? Oh, I need to get the /etc/passwd and /etc/shadow out for a start. Ok how? There are a couple of ways to do it: 1. Meterpreter's 'download' command. It's great if you're using meterpreter as the payload. Simple and hassle free. Just 'cd' and 'pwd' through the victim machine's directory withou
Publish At:2014-08-12 20:06 | Read:6287 | Comments:0 | Tags:data exfil exfiltration meterpreter netcat pentest ssh wget
