HackDig : Dig high-quality web security articles for hacker

Flash Player is Dead, Long Live Flash Player!

Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple, Facebook, Google, Microsoft and Mozilla. But don’t break out th
Publish At:2017-08-02 22:00 | Read:3208 | Comments:0 | Tags:Other adobe apple Benjamin Smedberg exploit kits Facebook Fl

Adobe Flash Player flaws remain the most used by Exploit Kits

Experts from the firm Recorded Future published a report on the most common vulnerabilities used by threat actors in the exploit kits. Recorded Future published an interesting report on the most common vulnerabilities used by threat actors in the exploit kits. The experts observed that Adobe Flash Player and Microsoft products (Internet Explorer, Silverlight
Publish At:2016-12-06 21:20 | Read:3427 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Reports Adobe CVE-2016-018

New Bizarro Sundown Exploit Kit Spreads Locky

A new exploit kit has arrived which is spreading different versions of Locky ransomware. We spotted two cases of this new threat, which is based on the earlier Sundown exploit kit. Sundown rose to prominence (together with Rig) after the then-dominant Neutrino exploit kit was neutralized. Called Bizarro Sundown, the first version was spotted on October 5 wit
Publish At:2016-11-19 12:05 | Read:3102 | Comments:0 | Tags:Bad Sites Exploits Ransomware Bizarro Sundown exploit kits L

The Impact of the JohnyCryptor Ransomware

What has caused a seemingly typical ransomware from turning into one of the most popular malware threats this year? I’ve uncovered the facts, so allow me to give some insight into how this ransomware became one of the most feared strains this year.The First Johnycryptor Ransomware Major HitsIn early July 2016, various security vendors spotted the first
Publish At:2016-11-04 02:05 | Read:2574 | Comments:0 | Tags:Cyber Security Featured Articles decryption exploit kits Joh

Hacks for sale: Exploit kits provide easy avenue for unskilled attackers

One of the most common cyber-attack vehicles we’ve seen over the years involves so-called “exploit kits.” These are collections of exploits bundled together and sold as commercial software or as a service. A typical kit includes a collection of web pages with exploits for several vulnerabilities in popular web browsers, browser add-ons, or other types of sof
Publish At:2016-09-20 03:45 | Read:3148 | Comments:0 | Tags:Cybersecurity Exploit Kits Security Intelligence Report Tren

Creators of the Nuclear EK are gaining nearly 100K USD each month

According to security experts at Check Point the creators of the Nuclear EK are gaining nearly 100K USD each month, most victims are in Europe and US. Most people interested working with a cloud business model nowadays, even malware programmers. It is better than just one time selling a security exploit, authors of malware are now selling malware as a cloud-
Publish At:2016-05-26 07:20 | Read:3546 | Comments:0 | Tags:Breaking News Cyber Crime Malware crimeware kits Cybercrime

Toymaker’s website pushes ransomware that holds visitors’ files hostage

The website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, has been caught pushing ransomware that holds visitors' files hostage until they pay a hefty fee.Malicious files provided by the Angler exploit kit were hosted directly on the homepage of Maisto[.]com, according to antivirus provider Malwarebytes. The attack cod
Publish At:2016-04-29 12:40 | Read:3186 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Uncategorized

“Nuclear” exploit kit service cashes in on demand from cryptoransomware rings

Security researchers at Cisco Talos and Check Point have published reports detailing the inner workings of Nuclear, an "exploit kit" Web service that deployed malware onto victims' computers through malicious websites. While a significant percentage of Nuclear's infrastructure has been recently disrupted, the exploit kit is still operating—and looks to be a
Publish At:2016-04-22 16:25 | Read:4048 | Comments:0 | Tags:Risk Assessment Technology Lab DigitalOcean exploit kits nuc

Angler Exploit Kit Spreading Cryptowall 4.0 Ransomware

As expected, it didn’t take long for one of the most popular exploit kits, Angler, to start spreading the latest iteration of Cryptowall ransomware.A drive-by campaign that uses a one-two punch to drop Cryptowall 4.0 has been observed in the wild this week, according to researchers at Heimdal Security. First, the password stealing malware Pony is dro
Publish At:2015-12-03 05:35 | Read:2485 | Comments:0 | Tags:Malware Ransomware angler Cryptowall Cryptowall 4.0 exploit

Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware

In short order, the newest version of Cryptowall has begun showing up in exploit kits.The SANS Internet Storm Center said on Tuesday that an attacker working off domains belonging to Chinese registrar BizCN has been moving the ransomware via the Nuclear Exploit Kit. SANS ISC handler and Rackspace security engineer Brad Duncan said that until recently, Cryp
Publish At:2015-11-25 16:45 | Read:2794 | Comments:0 | Tags:Malware Ransomware Web Security Angler Exploit Kit BizCN Bra

Cisco shuts down million-dollar ransomware operation

Security researchers have disrupted an online criminal operation they estimated drew $30 million per year pushing ransomware on unsuspecting people browsing the Internet.The takedown was performed by investigators from Cisco Systems' Talos security unit, which was researching the Angler Exploit kit. The hack-by-numbers tool is sold in underground crime forum
Publish At:2015-10-06 17:15 | Read:2726 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab angler exploit

Malvertising campaign targeted the Forbes Website, million users at risks

Security researchers at FireEye have uncovered a new malvertising campaign that exploited the popular Forbes.com news website. Security experts at FireEye have uncovered a new malvertising campaign that exploited the popular Forbes.com news website. The malvertising campaign was discovered earlier this month, according to the
Publish At:2015-09-23 12:20 | Read:2237 | Comments:0 | Tags:Cyber Crime Angler Cybercrime Exploit kits malvertising Neut

Large Malvertising Campaign Goes (Almost) Undetected

In mid August, the actors behind some of the recent malvertising campaigns we documented on this blog before started to come out with several new tricks to fly under the radar and yet expose tens of millions of users to malware. Without a doubt, the increased scrutiny on malvertising and ad networks has forced malicious actors to revise how they go about the
Publish At:2015-09-15 03:10 | Read:3060 | Comments:0 | Tags:Malvertising angler doubleclick exploit exploit kits malvert

Attacking Diffie-Hellman protocol implementation in the Angler Exploit Kit

Exploit kit creators have been inventing increasingly interesting methods of masking their exploits, shellcodes, and payloads so that it is harder for analysts to define the type of the exploit and know what actions they may perform. Several days ago analysts found the usage of the Diffie-Hellman cryptographic protocol in the Angler Exploit Kit, which is one
Publish At:2015-09-08 19:00 | Read:2908 | Comments:0 | Tags:Blog Research Adobe Flash Exploit Kits Microsoft Internet Ex

WordPress Compromises Behind Spike in Neutrino EK Traffic

Unsurprisingly, a rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic, researchers at Zscaler said.In a report published yesterday, Zscaler said it spotted attacks against sites running older versions of the content management system, 4.2 and earlier. Those sites are backdoored and redirect a victim’
Publish At:2015-08-21 12:00 | Read:2680 | Comments:0 | Tags:Malware Vulnerabilities Web Security Angler Exploit Kit cyrp

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud