HackDig : Dig high-quality web security articles

RDP brute force attacks explained

While you read these words, the chances are that somebody, somewhere, is trying to break in to your computer by guessing your password. If your computer is connected to the Internet it can be found, quickly, and if it can be found, somebody will try to break in. And it isn’t like the movies. The criminal hacker trying to guess your password isn̵
Publish At:2021-08-03 11:33 | Read:441 | Comments:0 | Tags:Explained rdp RDP brute force

LemonDuck no longer settles for breadcrumbs

LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [1][2] on the Microsoft Security blog. LemonDuck Trojan.LemonDuck has al
Publish At:2021-07-30 13:57 | Read:360 | Comments:0 | Tags:Botnets C&C cross-platform LemonCat LemonDuck LNK malspam pr

Royal Mail phish deploys evasion tricks to avoid analysis

Royal Mail phish scams are still in circulation, slowly upgrading their capabilities with evasion tools deployed in far more sophisticated malware attacks. Often, the quality of sites we see varies greatly. Many fake Royal Mail pages are cookie-cutter efforts existing on borrowed time. The operators know their scam is a case of here today, gone tomorrow.
Publish At:2021-05-19 14:14 | Read:573 | Comments:0 | Tags:Scams bypass delivery parcel phish phishing post office rdp

Avaddon ransomware campaign prompts warnings from FBI, ACSC

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. The FBI states that is has received notifications of unidentified cyber actors using Avaddon ransomware against US and foreign private sector companies, manufacturing
Publish At:2021-05-11 14:24 | Read:613 | Comments:0 | Tags:Ransomware .avdn acsc avaddon Dark Web ddos exfiltrated data

Perkiler malware turns to SMB brute force to spread

Researchers at Guardicore have identified a new infection vector being used by the Perkiler malware where internet-facing Windows machines are breached through SMB password brute force. Perkiler is a complex Windows malware with rootkit components that is dropped by the Purple Fox exploit kit (EK) and was spread by phishing campaigns. What is SMB? S
Publish At:2021-03-25 19:40 | Read:821 | Comments:0 | Tags:Trojans brute force exploit kit perkiler Purple Fox rdp root

Threat landscape for industrial automation systems. Statistics for H2 2020

Figures Indicator H1 2020 H2 2020 2020 Global percentage of attacked ICS computers 32.6% 33.42% 38.55% Percentage of attacked ICS computers by region Northern Europe 10.1% 11.5% 12.3% Western Europe 15.1% 14.8% 17.6% Australia 16.3% 17.0% 18.9% United States and Canada 17.2% 16.5% 19.6% Eastern Europe 26.4% 28.0% 30.5% Southern E
Publish At:2021-03-25 06:25 | Read:782 | Comments:0 | Tags:Industrial threats Industrial control systems Malware Statis

FBI warns of increase in PYSA ransomware attacks targeting education

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. According to the alert [PDF], the United Kingdom and 12 states in the US have already affected by this ransomware family.
Publish At:2021-03-17 08:48 | Read:908 | Comments:0 | Tags:Awareness Ransomware CERT France fbi FBI PSA Maze Mega.nz Me

COVID-19: Examining the threat landscape a year later

A year ago — everything changed. In an effort to stem the tide of a rapidly spreading pandemic, the world shut down. Shops were forced to shut their doors, and whole countries were placed on stringent lockdowns. Schools were closed around the world, with more than one billion children affected, and the vast majority of companies had to switch to remote work,
Publish At:2021-03-15 07:19 | Read:992 | Comments:0 | Tags:Publications Malware Statistics RDP Targeted attacks Themati

RDP, the ransomware problem that won’t go away

The year 2020 will certainly be remembered as one of the most difficult and tragic years humankind has faced in modern times. The global pandemic changed the way we live and work in ways unimaginable, perhaps forever. It also altered the cybersecurity landscape dramatically. The FBI reported a 300 percent increase in cybercrime in the first quarter of tha
Publish At:2021-02-16 18:24 | Read:729 | Comments:0 | Tags:Malwarebytes news Opinion 2020 ransomware rdp remote desktop

RDP abused for DDoS attacks

We have talked about RDP many times before. It has been a popular target for brute force attacks for a long time, but attackers have now found a new way to abuse it. Remote access has become more important during the pandemic, with as many people as possible try to work from home. Which makes it all the more important to configure RDP services in a secure
Publish At:2021-01-29 13:36 | Read:1182 | Comments:0 | Tags:Exploits and vulnerabilities ddos DDos attack netscout rdp r

Cybercriminals want your cloud services accounts, CISA warns

On January 13 the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about several recent successful cyberattacks on various organizations’ cloud services. What methods did the attackers use? In the initial phase, the victims were targeted by phishing emails trying to capture the credentials of a cloud service account. Once the at
Publish At:2021-01-14 18:42 | Read:1034 | Comments:0 | Tags:Awareness bec brute force cisa cloud services IOCs mfa pass-

VideoBytes: Brute force attacks increase due to more open RDP ports

Hello Folks! In this Videobyte, we’re talking about why brute force attacks are increasing and why that is a problem for everyone. The number of RDP ports exposed to the Internet grew from about three million in January 2020 to over four and a half million in March.  The reason for this increase is likely the shift to working from home by many
Publish At:2020-12-17 19:54 | Read:1131 | Comments:0 | Tags:VideoBytes brute force rdp WFH

The story of the year: remote work

The coronavirus pandemic has caused sudden, sweeping change around the world. The necessary social distancing measures are having an impact on all of us. One large part of society that has been affected by these measures more than others is the employed. While direct customer facing businesses like restaurants and retailers have had to change their opening h
Publish At:2020-12-10 07:00 | Read:1355 | Comments:0 | Tags:Featured Kaspersky Security Bulletin Instant Messengers Mali

IT threat evolution Q3 2020

Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required sig
Publish At:2020-11-20 06:07 | Read:1274 | Comments:0 | Tags:Featured Malware reports Backdoor Exploit Kits Malware Descr

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousan
Publish At:2020-10-28 14:17 | Read:1133 | Comments:0 | Tags:Data Breaches Ransomware Dagens Nyheter Gunnebo Group breach

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud