HackDig : Dig high-quality web security articles for hacker

Fileless cryptocurrency miner CoinMiner uses NSA EternalBlue exploit to spread

A new fileless miner dubbed CoinMiner has appeared in the wild; it uses the NSA EternalBlue exploit and the WMI tool to spread. A new strain of cryptocurrency miner dubbed CoinMiner has appeared in the wild; according to experts, it is hard to detect and infects Windows PCs via the EternalBlue NSA exploit. CoinMiner is a fileless malware that leverages the WMI (Windows Ma
Publish At:2017-08-22 13:35 | Read:64 | Comments:0 | Tags:Breaking News Cyber Crime Malware CoinMiner Cybercrime ETERN

Cryptocurrency Miner Uses WMI and EternalBlue To Spread Filelessly

By Buddy Tancio

Fileless malware can be a difficult threat to analyze and detect. It shouldn’t be a surprise that an increasing number of new malware threats are fileless, as threat actors use this technique to make both detection and forensic investigation more difficult. We recently found a new cryptocurrency miner (which we detect as TROJ64_COINMINER.QO)
Publish At:2017-08-21 22:35 | Read:55 | Comments:0 | Tags:Exploits Malware cryptocurrency EternalBlue WMI

SyncCrypt Ransomware hides its components in image files

A new strain of ransomware distributed through spam emails, dubbed SyncCrypt, hides its components inside harmless-looking images. A new strain of ransomware recently discovered, dubbed SyncCrypt, hides its components inside harmless-looking images. The SyncCrypt ransomware is distributed through spam emails that use attachments containing WSF files pretendi
Publish At:2017-08-21 16:10 | Read:95 | Comments:0 | Tags:Breaking News Malware malware ransomware SyncCrypt Ransomwar

All in a Spammer’s Workweek: Where Do the Busiest Spammers Work Around the Clock?

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data
Publish At:2017-08-21 15:05 | Read:65 | Comments:0 | Tags:Advanced Threats Fraud Protection Threat Intelligence IBM X-

The Ukrainian central bank warned of new NotPetya-style massive attack risk

The Ukrainian central bank warned state-owned and private lenders of the appearance of a new NotPetya-like attack that would target national businesses. On Friday, the Ukrainian central bank warned of a new malware-based attack risk. According to Reuters, the Ukrainian central bank warned state-owned and private lenders of the spreading of new infections
Publish At:2017-08-19 08:55 | Read:171 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Malware notpetya Petya r

Faketoken evolves and targets taxi booking apps to steal banking info

Kaspersky discovered a new strain of the mobile banking Trojan Faketoken that displays overlays on top of taxi booking apps to steal banking information. Security experts from Kaspersky have discovered a new strain of the infamous mobile banking trojan Faketoken that implements capabilities to detect and record an infected device’s calls and display
Publish At:2017-08-18 14:30 | Read:88 | Comments:0 | Tags:Breaking News Malware Mobile Android Banking Malware Faketok

NotPetya ransomware caused $300m losses to the shipping giant Maersk

The transportation giant Maersk announced that it would incur hundreds of millions in U.S. dollar losses due to the NotPetya ransomware massive attack. A.P. Moller-Maersk, the transportation and logistics firm, announced Tuesday that it would incur hundreds of millions in U.S. dollar losses due to the NotPetya ransomware massive attack. According to the seco
Publish At:2017-08-17 04:25 | Read:270 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime Maersk

Cerber Ransomware now includes a feature to avoid canary files anti-malware

Researchers at Cybereason have discovered a new strain of the Cerber ransomware that implements a new feature to avoid triggering canary files. Canary files are a security measure for the early detection of threats like ransomware. These files are placed in specific locations on a system, and an anti-ransomware application watches them for any modification. If
Publish At:2017-08-17 01:40 | Read:181 | Comments:0 | Tags:Breaking News Cyber Crime Malware anti-ransomware canary fil

ShadowPad backdoor was spread in corporate networks through software update mechanism

Kaspersky Lab discovered that attackers were able to modify the NetSarang software update process to include malware tracked as the ShadowPad backdoor. A software update mechanism can be an efficient attack vector; the news of the day is that hackers compromised the update process for a popular server management software package developed by NetSarang. Attackers were a
Publish At:2017-08-16 07:15 | Read:181 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware malware ShadowPad

WannaCry hero Marcus Hutchins pleads not guilty

The 23-year-old expert Marcus Hutchins pleaded “not guilty” during a court hearing in Milwaukee, Wisconsin. His trial has been scheduled for October. Yesterday, Marcus Hutchins, the WannaCry hero, pleaded not guilty to charges of creating and selling malware at a hearing in Milwaukee, Wisconsin. The court decided to relax the expert bail ter
Publish At:2017-08-15 12:50 | Read:218 | Comments:0 | Tags:Breaking News Cyber Crime banking trojan Cybercrime Hacking

The Disdain exploit kit appears in the threat landscape

The Disdain exploit kit is available for rent on a daily, weekly, or monthly basis for prices of $80, $500, and $1,400 respectively. The security researcher David Montenegro discovered a new exploit kit dubbed Disdain that is offered for rent on underground hacking forums by a malware developer using the pseudonym of Cehceny. Disdain Exploit Kit – New
Publish At:2017-08-15 12:50 | Read:174 | Comments:0 | Tags:Breaking News Cyber Crime Malware exploit

CVE-2017-0199: Crooks exploit PowerPoint Slide Show files to deliver malware

According to Trend Micro, cyber criminals abuse the CVE-2017-0199 vulnerability to deliver malware via PowerPoint Slide Show. In April Microsoft fixed the CVE-2017-0199 vulnerability in Office after threat actors had been exploiting it in the wild. Hackers leveraged weaponized Rich Text File (RTF) documents exploiting a flaw in Office’s Object Linking and E
Publish At:2017-08-15 12:50 | Read:114 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware CVE-2017-0199 malw

How Just Opening A Malicious PowerPoint File Could Compromise Your PC

A few months back we reported how opening a simple MS Word file could compromise your computer using a critical vulnerability in Microsoft Office. The Microsoft Office remote code execution vulnerability (CVE-2017-0199) resided in the Windows Object Linking and Embedding (OLE) interface for which a patch was issued in April this year, but threa
Publish At:2017-08-14 18:50 | Read:176 | Comments:0 | Tags:Cyber Attack hacking news Malware Microsoft office Microsoft

Elementary, My Dear Watson: Identifying and Understanding Malware With Cognitive Security

Malware is a major cause of cyberattacks today, with fraudsters using targeted spear phishing emails and social engineering to distribute malicious files to unsuspecting employees at various organizations. To make matters worse, malware has evolved to avoid detection by traditional security tools and systems. Take the CozyDuke malware campaign as an example.
Publish At:2017-08-14 16:57 | Read:149 | Comments:0 | Tags:Cognitive Security Intelligence & Analytics Cognitive Securi

CVE-2017-0199: New Malware Abuses PowerPoint Slide Show

By Ronnie Giagone and Rubio Wu

CVE-2017-0199 was originally a zero-day remote code execution vulnerability that allowed attackers to exploit a flaw that exists in the Windows Object Linking and Embedding (OLE) interface of Microsoft Office to deliver malware. It is commonly exploited via the use of malicious Rich Text File (RTF) documents, a method used by t
Publish At:2017-08-14 06:00 | Read:155 | Comments:0 | Tags:Malware Vulnerabilities
