HackDig : Dig high-quality web security articles for hackers

GReAT Ideas follow-up

On June 17, we hosted our first “GReAT Ideas. Powered by SAS” session, in which several experts from our Global Research and Analysis Team shared insights into APTs and threat actors, attribution, and hunting IoT threats. Here is a brief summary of the agenda from that webinar: Linking attacks to threat actors: case studies by Kurt Baumgartner T
Publish At:2020-07-15 06:12 | Read:811 | Comments:0 | Tags:Events Featured APT Cybercrime honeypot Internet of Things S

IT threat evolution Q1 2020. Statistics

These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, Kaspersky solutions blocked 726,536,269 attacks launched from online resources in 203 countries across the globe. A total of 442,039,230 unique URLs were recognize
Publish At:2020-05-24 07:11 | Read:682 | Comments:0 | Tags:Featured Malware reports Apple MacOS Financial malware Googl

IoT: a malware story

Since 2008, cyber-criminals have been creating malware to attack IoT-devices, such as routers and other types of network equipment. You will find a lot of statistics on this on Securelist, most notably, here and here. The main problem with these IoT/embedded devices is that one simply cannot install any kind of security software. How do we deal with that? Th
Publish At:2019-10-15 06:20 | Read:1921 | Comments:0 | Tags:Featured Malware reports Backdoor Botnets honeypot Internet

Honeypots and the Internet of Things

There were a number of incidents in 2016 that triggered increased interest in the security of so-called IoT or ‘smart’ devices. They included, among others, the record-breaking DDoS attacks against the French hosting provider OVH and the US DNS provider Dyn. These attacks are known to have been launched with the help of a massive botnet made up o
Publish At:2017-06-19 09:35 | Read:7857 | Comments:0 | Tags:Featured Research Backdoor Botnets DDoS-attacks honeypot Int

Hajime, the mysterious evolving botnet

Introduction Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks. One month later we saw the first samples being uploaded from Spain to VT. This worm builds a huge P2P botnet (almost 300,000 devices at the time of publishing this blogpost), but its real purpose
Publish At:2017-04-25 12:00 | Read:9838 | Comments:0 | Tags:Blog Featured Research Botnets honeypot Internet of Things M

Deception as a {Free} Post-Breach Detection Tool

Clifford Stoll’s interesting story of stalking the wily hacker back in the 80s was probably the first time deception was used for catching a hacker. Since then, the technology has changed a lot, but the concept of honeypots and deception in general has remained the same. Despite the undeniable and important role that honeypots have in proactive defense st
Publish At:2017-03-08 04:10 | Read:5309 | Comments:0 | Tags:Featured Articles IT Security and Data Protection breach det

Integrating OpenCanary & DShield

Being a volunteer for the SANS Internet Storm Center, I’m a big fan of the DShield service. I think that I have been feeding DShield with logs for eight or nine years now. In 2011, I wrote a Perl script to send my OSSEC firewall logs to DShield. This script has been running and pushing my logs every 30 mins for years. Later, DShield was extended to colle
Publish At:2017-02-16 07:40 | Read:9535 | Comments:0 | Tags:Security Software Uncategorized Cowrie DShield Honeypot Open

Deceive in order to detect

Interactivity is a security system feature that implies interaction with the attacker and their tools as well as an impact on the attack scenario depending on the attacker’s actions. For example, introducing junk search results to confuse the vulnerability scanners used by cybercriminals is interactive. As well as causing problems for the cybercriminal
Publish At:2017-01-19 06:35 | Read:5826 | Comments:0 | Tags:Blog Security policies Deception techniques honeypot Securit

Are the Days of “Booter” Services Numbered?

It may soon become easier for Internet service providers to anticipate and block certain types of online assaults launched by Web-based attack-for-hire services known as “booter” or “stresser” services, new research released today suggests. The findings come from researchers in Germany who’ve been studying patterns that emerge w
Publish At:2016-10-27 20:50 | Read:6157 | Comments:0 | Tags:Other AmpPot booter bulletproof hosting Christian Rossow Clo

24 hours in the life of my home router by Francisco J. Rodriguez

Recently a massive DDoS attack has disconnected a large portion of users from the Internet; hackers exploited IoT devices. Is your router secure? “Are we ready to live in a world where all devices are exposed to cyber attacks?” That is how I opened my presentation in QurtubaCON16 – cyber security event at Córdoba City (Spain) – and how I will op
Publish At:2016-10-24 11:00 | Read:7636 | Comments:0 | Tags:Breaking News Hacking Internet of Things Security Cybercrime

IoT Devices as Proxies for Cybercrime

Multiple stories published here over the past few weeks have examined the disruptive power of hacked “Internet of Things” (IoT) devices such as routers, IP cameras and digital video recorders. This post looks at how crooks are using hacked IoT devices as proxies to hide their true location online as they engage in a variety of other types of cybe
Publish At:2016-10-14 13:20 | Read:6640 | Comments:0 | Tags:Other ASUS Bitcoin DD-WRT honeypot internet of things IoT Li

The Role of Deliberate Obfuscation for Overall Data Security and Privacy

A new book by two New York University professors offers a fresh perspective on how individuals and corporations can hide their more private information in plain sight. The book, “Obfuscation: A User’s Guide for Privacy and Protest,” surveys the more interesting historical examples of the notion and provides some interesting context for prac
Publish At:2015-11-13 15:25 | Read:4892 | Comments:0 | Tags:Data Protection Data Security Honeypot Obfuscation Privacy R

GasPot Script Reveals Security Vulnerabilities in Automated Gas Tank Systems

A security firm has released the results of an experiment that used a honeypot script named “GasPot” to determine the security threats facing gas tanks. These results were announced by Trend Micro researcher Kyle Wilhoit and Industrial Control Systems (ICS) expert Stephen Hilt during their presentation for Black Hat 2015, “The Little Pump Ga
Publish At:2015-08-06 19:20 | Read:4010 | Comments:0 | Tags:Latest Security News anonymous black hat Black Hat 2012 GasP

Analyzing Queries on a Honeypot Name Server for Better DNS Log Quality

Internet Noise Honeypots are an easy and popular way to get statistics on the “Internet noise.” Getting more knowledge on Internet noise gives you more insight into what is out there and is one of the sources that helps in getting better security analytics. I was curious what kind of traffic a honeypot name server receives in a public cloud; my r
Publish At:2015-03-16 16:35 | Read:5587 | Comments:0 | Tags:Infrastructure Protection Security Intelligence & Analytics

DDoS Exploit Targets Open Source Rejetto HFS

Apparently no vulnerability is too small, no application too obscure, to escape a hacker’s notice. A honeypot run by Trustwave’s SpiderLabs research team recently snared an automated attack targeting users of the open source Rejetto HTTP File Server (Rejetto HFS). Someone was trying to exploit a vulnerability—which has since been patched—and insta
Publish At:2015-02-26 18:50 | Read:3846 | Comments:0 | Tags:Vulnerabilities Web Security China DDoS Exploit honeypot Ipt

