HackDig : Dig high-quality web security articles for hacker

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:188 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

Coronavirus Bitcoin scam promises “millions” working from home

In the last week, we’ve seen multiple coronavirus scams pushed by bad actors, including RAT attacks via fake health advisories, bogus e-books working in tandem with Trojans, and lots of other phishing shenanigans. Now we have another one to add to the ever-growing list: dubious coronavirus Bitcoin missives landing in your inbox. Reworking a classic spam tact
Publish At:2020-03-26 17:08 | Read:259 | Comments:0 | Tags:Scams bitcoin british celebrities scam coronavirus coronavir

Spam Campaign Leverages IQY Files to Distribute Paradise Ransomware

Security researchers detected a spam campaign leveraging Internet Query (IQY) files in an attempt to distribute Paradise ransomware.Lastline observed that the campaign began by trying to trick users into opening an IQY file, an Excel-readable text file which downloads data from the web. As such, this file retrieved a malicious Excel formula from the attacker
Publish At:2020-03-11 08:38 | Read:271 | Comments:0 | Tags:IT Security and Data Protection Latest Security News IQY Par

New Coronavirus-themed malspam campaign delivers FormBook Malware

Experts uncovered a new Coronavirus (COVID-19)-themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. The campaign uses emails that pretend being sent by members
Publish At:2020-03-08 12:43 | Read:244 | Comments:0 | Tags:Breaking News Cyber Crime Malware coronavirus FormbBook Troj

TrickBot targets Italy using fake WHO Coronavirus emails as bait

Crooks continue to exploit the attention on the Coronavirus (COVID-19) outbreak, TrickBot operators target Italian users. A new spam campaign is targeting users in Italy by exploiting the interest on Coronavirus (COVID-19) in the attempt of delivering the TrickBot information-stealing malware. Crooks are attempting to exploit the fear of users of becom
Publish At:2020-03-06 11:24 | Read:344 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware coronavirus COVID_

Fresh phish! Stripe scam baked and delivered in under an hour

byPaul DucklinHere at Naked Security, we receive our fair share of phishing scams.It means we see a good cross-section of the phishes going around, which gives us a way to keep tabs on just how realistic scams are becoming.“Show-and-tell” phishing stories are a handy way to document just how undramatic and unsuspicious, and therefore just how bel
Publish At:2020-03-02 09:21 | Read:138 | Comments:0 | Tags:Phishing phishing Scam spam Stripe

What’s Old Is New, What’s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today

As reported in the IBM X-Force Threat Intelligence Index 2020, X-Force research teams operate a network of globally distributed spam honeypots, collecting and analyzing billions of unsolicited email items every year. Analysis of data from our spam traps reveals trending tactics that attackers are utilizing in malicious emails, specifically, that threat actor
Publish At:2020-02-26 10:55 | Read:403 | Comments:0 | Tags:Threat Intelligence Dark Web Exploit Macro Malware Macros Ma

Top Email Security Threats of 2020 – How To Stop Them

As hackers’ methods become more sophisticated, the scale of email security breaches and the frequency at which they occur grow greater with each passing year. In 2019 alone, an estimated 2 billion unique email addresses, accompanied by over 21 million unique passwords, were exposed within a single data breach. After the initial panic, it became clear that br
Publish At:2020-02-20 03:05 | Read:354 | Comments:0 | Tags:IT Security and Data Protection email security insider threa

X-Force Threat Intelligence Index Reveals Top Cybersecurity Risks of 2020

The volume of threats that security teams see on a daily basis can make it especially difficult to look at the big picture when it comes to developing an effective cybersecurity strategy. To see through the flood of data and alerts, organizations depend on actionable threat intelligence to help them understand and mitigate risks. Looking at long-term trends
Publish At:2020-02-11 08:51 | Read:547 | Comments:0 | Tags:Advanced Threats Threat Intelligence Cloud Cloud Adoption Cl

Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

IBM X-Force has identified a spam campaign targeting users in Japan that employs the Coronavirus scare as a lure to encourage people to open malicious emails. The messages contain Microsoft Office files loaded with macros that, when enabled, launch an infection routine that delivers the Emotet Trojan. In general, Emotet is very focused on infecting companies
Publish At:2020-02-09 10:30 | Read:372 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Cyberc

Spam Campaign Leveraged RTF Documents to Spread Infostealers

A spam campaign leveraged malicious RTF documents to distribute notorious infostealers including Agent Tesla and Lokibot.While digging through a few other spam campaigns, Lastline observed unusual use of the C# compiler from the command line in some samples. Its researchers performed additional analysis and found that the samples belonged to the same malicio
Publish At:2020-02-09 10:21 | Read:209 | Comments:0 | Tags:IT Security and Data Protection Latest Security News infoste

Spear phishing 101: what you need to know

Phishing, a cyberattack method as old as viruses and Nigerian Princes, continues to be one of the most popular means of initiating a breach against individuals and organizations, even in 2020. The tactic is so effective, it has spawned a multitude of sub-methods, including smishing (phishing via SMS), pharming, and the technique du jour for this blog: spear
Publish At:2020-01-29 16:50 | Read:515 | Comments:0 | Tags:Social engineering 101 business malspam organisation organiz

Sextortionists return for Christmas – price goes down, threats go up

byPaul DucklinA week ago, a concerned Naked Security reader shared with us a “send us money or else” email that was a bit different from others he’d received in the past.The claims and the demands followed a predictable theme – one that we call sextortion because of the connection between sexuality and extortion.Simply put, the scamme
Publish At:2019-12-24 12:35 | Read:751 | Comments:0 | Tags:Malware Spam Cybercrime Scam sextortion spyware

Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

By Joey Chen, Hiroyuki Kakara and Masaoki Shoji While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified tools for obfuscation, but we a
Publish At:2019-11-30 07:35 | Read:778 | Comments:0 | Tags:Bad Sites Exploits Internet of Things Malware Open source Sp

Sextortion scammers getting creative

We’ve covered sextortion before, focusing in on how the core of the threat is an exercise in trust. The threat actor behind the campaign will use whatever information available on the target that causes them to trust that the threat actor does indeed have incriminating information on them. (They don’t.) But as public awareness of the scam grow
Publish At:2019-11-26 16:50 | Read:880 | Comments:0 | Tags:Cybercrime Social engineering bitcoin scam sextortion scams

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud