HackDig : Dig high-quality web security articles for hacker

Some Hackers Take the Ransom and Run: Researchers

Paying off hackers after a ransomware infection could end up being a total loss, according to a study released Thursday which finds some attackers just take the money and run.A survey by researchers at the security firm Proofpoint found that 33 percent of organizations infected with ransomware opted to pay the ransom.But some 22 percent of those who paid a r
Publish At:2020-01-24 10:15 | Read:91 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Vi

Iran-Linked RAT Used in Recent Attacks on European Energy Sector

Attacks recently identified to target a key organization in the European energy sector have employed a remote access Trojan (RAT) previously associated with Iran-linked threat actors, Recorded Future reports.Dubbed PupyRAT, the backdoor is an open source piece of malware available on GitHub. Mainly written in Python, the threat is advertised as cross-platfor
Publish At:2020-01-23 10:15 | Read:138 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Virus &

[SANS ISC] Complex Obfuscation VS Simple Trick

I published the following diary on isc.sans.edu: “Complex Obfuscation VS Simple Trick“: Today, I would like to make a comparison between two techniques applied to malicious code to try to bypass AV detection. The Emotet malware family does not need to be presented. Very active for years, new waves of attacks are always fired using different in
Publish At:2020-01-23 08:20 | Read:85 | Comments:0 | Tags:Malware SANS Internet Storm Center Security Emotet Maldoc Ob

Shlayer Trojan attacks one in ten macOS users

For close to two years now, the Shlayer Trojan has been the most common threat on the macOS platform: in 2019, one in ten of our Mac security solutions encountered this malware at least once, and it accounts for almost 30% of all detections for this OS. The first specimens of this family fell into our hands back in February 2018, and we have since collected
Publish At:2020-01-23 06:05 | Read:150 | Comments:0 | Tags:Research macOS Malware

New Ransomware Process Leverages Native Windows Features

A new methodology for instigating ransomware makes use of Windows' own Encrypting File System (EFS). EFS has been a part of Windows since Windows 2000. Unlike Windows' BitLocker -- which is a full disk encryption feature -- EFS can selectively encrypt individual files or folders. It does this transparently to the user, using a key that is partly stored in an
Publish At:2020-01-21 12:00 | Read:102 | Comments:0 | Tags:NEWS & INDUSTRY Malware

New 5ss5c Ransomware Likely Readied to Replace Satan

The threat actor or group behind the Satan ransomware -- and probably DBGer and Lucky and possibly Iron -- seems to be engaged in a new version or evolution of Satan: 5ss5c.According to malware researcher/analyst Bart Blaze, the actor has been working on this new product since at least November 2019. It is thought to be a work in progress because of the pres
Publish At:2020-01-15 22:15 | Read:181 | Comments:0 | Tags:NEWS & INDUSTRY Malware

Oski Stealer Targets Browser Data, Crypto Wallets in U.S.

Still under development, a newly discovered information stealer is successfully targeting Internet browsers and cryptocurrency wallet applications, and most victims are apparently located in the United States.The fairly new malware, which has been dubbed Oski Stealer, is being advertised on underground cyber-forums, including several Russian forums, security
Publish At:2020-01-13 10:15 | Read:152 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Pulse Secure VPN Vulnerability Still Widely Exploited, CISA Warns

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations that malicious hackers continue to exploit a widely known Pulse Secure VPN vulnerability.A researcher revealed recently that cybercriminals had started exploiting CVE-2019-11510, a critical vulnerability affecting enterprise VPN product
Publish At:2020-01-10 22:15 | Read:352 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

North Korean Hackers Continue to Target Cryptocurrency Exchanges

Over the past year and a half, the North Korea-linked Lazarus group has continued attacks on cryptocurrency exchanges but modified its malware and some techniques, Kaspersky reports. Supposedly backed by the North Korean government and active since at least 2009, Lazarus is believed to be behind various high-profile attacks, including the WannaCry outbr
Publish At:2020-01-09 22:15 | Read:210 | Comments:0 | Tags:NEWS & INDUSTRY Malware

Interpol Announces Successful Operation Against Cryptojacking in Southeast Asia

Interpol announced on Wednesday that it has coordinated an international operation aimed at removing illegally installed cryptocurrency miners from routers located in Southeast Asia.The operation, dubbed Goldfish Alpha, was conducted in cooperation with Trend Micro, along with law enforcement and CERTs from ASEAN countries, including Brunei, Cambodia, Indone
Publish At:2020-01-08 22:15 | Read:363 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Malware Vulnerabilit

Chinese Cyber-Espionage Group Targeted NGOs for Years

A cyber-espionage group supposedly linked to the Chinese government is targeting non-governmental organizations (NGOs) in South and East Asia, Secureworks has revealed.Referred to as BRONZE PRESIDENT, the group may have been active since at least 2014, also targeting political and law enforcement organizations and using both proprietary and publicly availabl
Publish At:2020-01-08 10:15 | Read:206 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Malware Cybercrime

App Found in Google Play Exploits Recent Android Zero-Day

A malicious application in the Google Play store targeted a recently patched zero-day vulnerability that affects multiple Android devices, including Google’s Pixel phones.Tracked as CVE-2019-2215, the vulnerability was disclosed as a zero-day in October by Google Project Zero security researcher Maddie Stone. A use-after-free in the binder driver, the bug co
Publish At:2020-01-07 10:15 | Read:187 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Virus & Threats Viru

Pulse Secure VPN Vulnerability Exploited to Deliver Ransomware

A widely known vulnerability affecting an enterprise VPN product from Pulse Secure has been exploited by cybercriminals to deliver a piece of ransomware, a researcher has warned.The flaw in question, tracked as CVE-2019-11510, is one of the many security holes disclosed last year by a team of researchers in enterprise VPN products from Fortinet, Palo Alto Ne
Publish At:2020-01-06 22:15 | Read:245 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

A week in security (December 30 – January 5)

Last week on Malwarebytes Labs, we took a dive into edge computing, looked at new web skimmer techniques, and rolled our eyes at silly people doing silly things. Other cybersecurity news: Stills and chills: A Reddit user notices their security camera is grabbing stills from other people’s devices. (Source: Reddit) Tik Tok, the clock has stopped: The US Mili
Publish At:2020-01-06 21:50 | Read:248 | Comments:0 | Tags:A week in security CISO malware skimmer tiktok week in secur

Cyber News Rundown: US Coast Guard Hit with Ransomware

Reading Time: ~ 2 min. US Coast Guard Facility Hit with Ransomware During the last week of December a US Coast Guard facility was the target of a Ryuk ransomware attack that shut down operations for over 30 hours. Though the Coast Guard has implemented multiple cybersecurity regulations in just the last six months or so, this attack broke through the weak
Publish At:2020-01-03 15:10 | Read:370 | Comments:0 | Tags:Industry Intel malware ransomware


Share high-quality web security related articles with you:)


Tag Cloud