HackDig : Dig high-quality web security articles for hacker

REDBALDKNIGHT/BRONZE BUTLER’s Daserf Backdoor Now Using Steganography

by Joey Chen and MingYen Hsieh (Threat Analysts) REDBALDKNIGHT, also known as BRONZE BUTLER and Tick, is a cyberespionage group known to target Japanese organizations such as government agencies (including defense) as well as those in biotechnology, electronics manufacturing, and industrial chemistry. Their campaigns employ the Daserf backdoor (detected by T
Publish At:2017-11-07 11:35 | Read:1264 | Comments:0 | Tags:Malware Targeted Attacks Vulnerabilities BRONZE BULTER Daser

Malware signed with stolen digital code-signing certificates continues to bypass security software

A group of researchers demonstrated that malware signed with stolen digital code-signing certificates continues to bypass security software. A recent study conducted by the Cyber Security Research Institute (CSRI) revealed that stolen digital code-signing certificates are available for sale for anyone to purchase on the dark web for up to $1,200. Digital cod
Publish At:2017-11-07 05:10 | Read:1069 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware Digital c

The GIBON Ransomware appears in the threat landscape

A new strain of ransomware dubbed GIBON ransomware was spotted by the ProofPoint researcher Matthew Mesa, who observed it being distributed via malspam. The spam messages use a malicious document as an attachment containing macros that, once enabled, will download and install the ransomware on a victim’s machine. The researcher dubbed the ransomware GIBON b
Publish At:2017-11-06 10:45 | Read:260 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime GIBON Ransomwar

Hackers poisoned Google Search results to spread Zeus Panda banking Trojan

Experts at Cisco Talos observed crooks exploiting black Search Engine Optimization (SEO) to spread the Zeus Panda banking Trojan. Threat actors behind the Zeus Panda banking Trojan leveraged black Search Engine Optimization (SEO) to propose malicious links in the search results. Crooks were focused on financial-related keyword queries. The campaign was first
Publish At:2017-11-05 16:20 | Read:199 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Black Seo Cybercri

Fake WhatsApp app in official Google Play Store downloaded by over a million Android users

A fake WhatsApp version deployed on the Play Store was downloaded by over a million users, a failure for the automated checks implemented by Google. Once again crooks exploited Google’s official Play Store as a repository for malicious apps. This time a fake WhatsApp version was used to infect over a million users that downloaded it. The fake Whats
Publish At:2017-11-05 16:20 | Read:128 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile

[SANS ISC] Simple Analysis of an Obfuscated JAR File

I published the following diary on isc.sans.org: “Simple Analysis of an Obfuscated JAR File”. Yesterday, I found in my spam trap a file named ‘0.19238000 1509447305.zip’ (SHA256: 7bddf3bf47293b4ad8ae64b8b770e0805402b487a4d025e31ef586e9a52add91). The ZIP archive contained a Java archive named ‘0.19238000 1509447305.jar’ (SHA256: b161c7
Publish At:2017-11-03 16:40 | Read:447 | Comments:0 | Tags:Malware SANS Internet Storm Center Security Java JRAT SANS I

App Stores that Formerly Coddled ZNIU Found Distributing a New iXintpwn/YJSNPI Variant

by Lilang Wu, Ju Zhu, and Moony Li We covered iXintpwn/YJSNPI in a previous blog post and looked into how it renders an iOS device unresponsive by overflowing it with icons. This threat comes in the form of an unsigned profile that crashes the standard application that manages the iOS home screen when installed. The malicious profile also exploits certain fe
Publish At:2017-11-02 20:40 | Read:310 | Comments:0 | Tags:Bad Sites Malware Mobile android app stores iOS

MBR-ONI ransomware involved in targeted attacks against Japanese organizations

MBR-ONI is a new ransomware that is being used for targeted attacks in Japan; experts speculate it was used to cover larger hacking campaigns. MBR-ONI is a new ransomware that is being used for targeted attacks in Japan; it is a bootkit ransomware that uses a modified version of the legitimate open-source disk encryption utility DiskCryptor to encrypt the fi
Publish At:2017-11-01 19:50 | Read:141 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking malware

CSE Malware ZLab – Full report of Bad Rabbit attack

The researchers at CSE Cybsec ZLab have completed their analysis of the Bad Rabbit ransomware; the report follows our preliminary analysis. Introduction Recently a new ransomware, called BadRabbit, infected systems in many countries, most of them in East Europe, such as Ukraine and Russia. The malware was not totally new; it seems to be an evolution of the old NotPe
Publish At:2017-11-01 19:50 | Read:128 | Comments:0 | Tags:Breaking News Malware Reports Bad Rabbit ransomware Cybercri

Silence Group is borrowing Carbanak TTPs in ongoing bank attacks

A cybercrime gang called Silence targeted at least 10 banks in Russia, Armenia, and Malaysia borrowing hacking techniques from the Carbanak group. A cybercrime gang called Silence targeted at least 10 banks in Russia, Armenia, and Malaysia borrowing hacking techniques from the dreaded Carbanak hacker group that stole as much as $1 billion from banks worldwid
Publish At:2017-11-01 19:50 | Read:190 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking Cybercrime Hacking

Experts spotted a new strain of the Sage Ransomware that implements Anti-Analysis capabilities

Security experts from Fortinet spotted a new strain of the Sage ransomware that included new functionalities, such as anti-analysis capabilities. Sage 2.0 is a new ransomware first observed in December, and it is now distributed via malicious spam. Sage is considered a variant of CryLocker ransomware; it is being distributed by the Sundown and RIG exploit
Publish At:2017-11-01 01:25 | Read:322 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking malware

Gaza Cybergang is back, it leverages new tools against new targets

The Gaza Cybergang threat actor is back again, this time targeting organizations in the Middle East and North Africa (MENA) region. Gaza Cybergang is a threat actor that is believed to be linked to the Palestinian organization Hamas; it is back again targeting organizations in the Middle East and North Africa (MENA) region. According to the experts from
Publish At:2017-10-31 06:55 | Read:219 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware

Coin Miner Mobile Malware Returns, Hits Google Play

By Jason Gu, Veo Zhang, Seven Shen The efficacy of mobile devices to actually produce cryptocurrency in any meaningful amount is still doubtful. However, the effects on users of affected devices are clear: increased device wear and tear, reduced battery life, comparably slower performance. Recently, we found that apps with malicious cryptocurrency mining cap
Publish At:2017-10-30 18:55 | Read:190 | Comments:0 | Tags:Malware Mobile Android malware Coin mining CPUMINER JSMINER

Matrix Ransomware being distributed through malvertising

Security expert Jérôme Segura from Malwarebytes has spotted that Matrix Ransomware has risen again; it is now being distributed through malvertising. Malware researcher Jérôme Segura from Malwarebytes has discovered that Matrix Ransomware is now being distributed through a malvertising campaign. #RIGEK drops Matrix ransomware. Payload https://t.co/PruaiZRuw9
Publish At:2017-10-29 22:20 | Read:214 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking malvert

A new Ursnif Banking Trojan campaign targets Japan

Crooks continue to target Japanese users; now the hackers leverage the Ursnif banking Trojan, aka Gozi, to hit the country. According to researchers at IBM X-Force group, cyber criminals are delivering the infamous malware via spam campaigns that began last month. The Ursnif banking Trojan was the most active malware code in the financial sector in 2016 and
Publish At:2017-10-28 09:30 | Read:401 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Japan spam Ursn
