HackDig : Dig high-quality web security articles for hacker

Spam and phishing in Q3 2017

Quarterly highlights: Blockchain and spam. Cryptocurrencies have been a regular theme in the media for several years now. Financial analysts predict a great future for them, various governments are thinking about launching their own currencies, and graphics cards are swept off the shelves as soon as they go on sale. Of course, spammers could not resist the top
Publish At:2017-11-03 07:15 | Read:1345 | Comments:0 | Tags:Featured Spam and phishing reports Malicious spam Malware De

Basetools underground hacking forum breached, hacker demands $50K ransom

The Basetools underground hacking forum was breached; hackers demand a $50K ransom to avoid sharing stolen data, including the admin's identity, with law enforcement. A hacker who goes online with the Twitter handle mat (@0xScripts) has breached a popular underground hacking forum and is threatening to share the stolen archive with law enforcement if the adminis
Publish At:2017-10-29 03:55 | Read:2425 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Deep Web Basetools.ws

A new Ursnif Banking Trojan campaign targets Japan

Crooks continue to target Japanese users; now the hackers leverage the Ursnif banking Trojan, aka Gozi, to hit the country. According to researchers at IBM X-Force group, cyber criminals are delivering the infamous malware via spam campaigns that began last month. The Ursnif banking Trojan was the most active malware code in the financial sector in 2016 and
Publish At:2017-10-28 09:30 | Read:2330 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Japan spam Ursn

URSNIF spam campaign expose new macro evasion tactics

Trend Micro recently observed a new campaign leveraging the Ursnif banking Trojan using new malicious macro tactics for payload delivery and detection evasion. Researchers at Trend Micro have recently spotted a new campaign leveraging the Ursnif banking Trojan featuring new malicious macro tactics for payload delivery. Malicious macros are widely adopted by crook
Publish At:2017-10-22 06:06 | Read:1776 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime macros

New Malicious Macro Evasion Tactics Exposed in URSNIF Spam Mail

By John Anthony Bañes. Malicious macros are commonly used to deliver malware payloads to victims, usually by coercing victims into enabling the macro sent via spam email. The macro then executes a PowerShell script to download ransomware or some other malware. Just this September EMOTET, an older banking malware, leveraged this method in a campaign that saw i
Publish At:2017-10-21 18:05 | Read:1643 | Comments:0 | Tags:Malware macro sandbox Spam

A Look at Locky Ransomware’s Recent Spam Activities

Ransomware has been one of the most prevalent, prolific, and pervasive threats in the 2017 threat landscape, with financial losses among enterprises and end users now likely to have reached billions of dollars. Locky ransomware, in particular, has come a long way since first emerging in early 2016. Despite the number of times it apparently spent in hiatus, L
Publish At:2017-10-21 18:05 | Read:861 | Comments:0 | Tags:Ransomware Spam Locky ransomware Trickbot

Crooks using Linux.ProxyM IoT botnet to send spam messages

Experts at security firm Doctor Web discovered a new botnet of IoT devices leveraging Linux.ProxyM that is used by crooks for mass spam mailings. The most popular thingbot so far is Mirai, but it isn’t the only one targeting Linux-based internet-of-things (IoT) devices. Researchers with security firm Doctor Web discovered a new botnet of Io
Publish At:2017-09-22 14:45 | Read:1632 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Internet of Things Malware

Locky Ransomware Pushed Alongside FakeGlobe in Upgraded Spam Campaigns

By Julie Cabuhat, Michael Casayuran, Anthony Melgarejo. In the beginning of September, a sizeable spam campaign was detected distributing the latest Locky variant. Locky is a notorious ransomware that was first detected in the early months of 2016 and has continued to evolve and spread through different methods, particularly spam mail. A thorough look at samp
Publish At:2017-09-19 00:55 | Read:2087 | Comments:0 | Tags:Ransomware Spam FakeGlobe Locky ransomware

Backdoored Display Widgets Plugin potentially affects 200,000 WordPress installs abusing them to spam content

Around 200,000 WordPress websites using the Display Widgets Plugin were impacted after it was updated to include malicious code. According to security firm Wordfence, roughly 200,000 WordPress websites were impacted after a plugin they were using was updated to include a backdoor. “If you have a plugin called “Display Widgets” on your WordPress websit
Publish At:2017-09-15 16:40 | Read:1587 | Comments:0 | Tags:Breaking News Hacking Cybercrime Display Widgets Pierluigi P

Crooks leverage Facebook CDN servers to bypass security solutions

Crooks are abusing Facebook CDN servers to deliver malware and evade detection by exploiting the trust in the CDN network of the social networking giant. Crooks are abusing Facebook CDN (Content Delivery Network) servers to store malware and to deliver it while evading detection, exploiting the trust in the CDN network of the social network giant. Researchers from M
Publish At:2017-09-11 01:35 | Read:1235 | Comments:0 | Tags:Breaking News Cyber Crime Malware Facebook CDN Hacking malwa

Onliner Spambot – More than 711 Million email addresses open and accessible online

An archive containing more than 630 million email addresses used by the spambot server dubbed ‘Onliner Spambot’ has been published online. The Onliner Spambot dump is the biggest one of its kind; it was discovered by the security researcher who goes online with the handle Benkow. The database was hosted on an “open and accessible” se
Publish At:2017-08-30 21:15 | Read:2326 | Comments:0 | Tags:Breaking News Data Breach Hacking Cybercrime malware Onliner

US CERT is warning of potential Hurricane Harvey Phishing Scams

After Hurricane Harvey hit Texas, causing deaths and destruction, authorities are warning of potential phishing scams. US-CERT is warning of potential Hurricane Harvey phishing scams; the experts fear crooks may start using malicious emails purportedly tied to the storm. “US-CERT warns users to remain vigilant for malicious cyber activity
Publish At:2017-08-29 08:25 | Read:2203 | Comments:0 | Tags:Breaking News Cyber Crime Cybercrime Hacking Hurricane Harve

Spam and phishing in Q2 2017

Spam: quarterly highlights. Delivery service Trojans. At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The usual trick of present
Publish At:2017-08-22 09:10 | Read:2202 | Comments:0 | Tags:Featured Quarterly Spam Reports Malicious spam Malware Descr

All in a Spammer’s Workweek: Where Do the Busiest Spammers Work Around the Clock?

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data
Publish At:2017-08-21 15:05 | Read:1894 | Comments:0 | Tags:Advanced Threats Fraud Protection Threat Intelligence IBM X-

NemucodAES ransomware and Kovter trojan bundled in the same campaigns

Security experts at the SANS Institute discovered that NemucodAES ransomware and Kovter trojan are being delivered together in spam campaigns. Security experts at the SANS Institute Internet Storm Center discovered that two malware families, NemucodAES and Kovter, are being delivered together in .zip attachments delivered via active spam campaigns.
Publish At:2017-07-15 13:05 | Read:1468 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking Kovter
