HackDig : Dig high-quality web security articles for hacker

Top Email Security Threats of 2020 – How To Stop Them

As hackers’ methods become more sophisticated, the scale of email security breaches and the frequency at which they occur grow greater with each passing year. In 2019 alone, an estimated 2 billion unique email addresses, accompanied by over 21 million unique passwords, were exposed within a single data breach. After the initial panic, it became clear that br
Publish At:2020-02-20 03:05 | Read:104 | Comments:0 | Tags:IT Security and Data Protection email security insider threa

X-Force Threat Intelligence Index Reveals Top Cybersecurity Risks of 2020

The volume of threats that security teams see on a daily basis can make it especially difficult to look at the big picture when it comes to developing an effective cybersecurity strategy. To see through the flood of data and alerts, organizations depend on actionable threat intelligence to help them understand and mitigate risks. Looking at long-term trends
Publish At:2020-02-11 08:51 | Read:261 | Comments:0 | Tags:Advanced Threats Threat Intelligence Cloud Cloud Adoption Cl

Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

IBM X-Force has identified a spam campaign targeting users in Japan that employs the Coronavirus scare as a lure to encourage people to open malicious emails. The messages contain Microsoft Office files loaded with macros that, when enabled, launch an infection routine that delivers the Emotet Trojan. In general, Emotet is very focused on infecting companies
Publish At:2020-02-09 10:30 | Read:201 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Cyberc

Spam Campaign Leveraged RTF Documents to Spread Infostealers

A spam campaign leveraged malicious RTF documents to distribute notorious infostealers including Agent Tesla and Lokibot.While digging through a few other spam campaigns, Lastline observed unusual use of the C# compiler from the command line in some samples. Its researchers performed additional analysis and found that the samples belonged to the same malicio
Publish At:2020-02-09 10:21 | Read:131 | Comments:0 | Tags:IT Security and Data Protection Latest Security News infoste

Spear phishing 101: what you need to know

Phishing, a cyberattack method as old as viruses and Nigerian Princes, continues to be one of the most popular means of initiating a breach against individuals and organizations, even in 2020. The tactic is so effective, it has spawned a multitude of sub-methods, including smishing (phishing via SMS), pharming, and the technique du jour for this blog: spear
Publish At:2020-01-29 16:50 | Read:360 | Comments:0 | Tags:Social engineering 101 business malspam organisation organiz

Sextortionists return for Christmas – price goes down, threats go up

byPaul DucklinA week ago, a concerned Naked Security reader shared with us a “send us money or else” email that was a bit different from others he’d received in the past.The claims and the demands followed a predictable theme – one that we call sextortion because of the connection between sexuality and extortion.Simply put, the scamme
Publish At:2019-12-24 12:35 | Read:601 | Comments:0 | Tags:Malware Spam Cybercrime Scam sextortion spyware

Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

By Joey Chen, Hiroyuki Kakara and Masaoki Shoji While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified tools for obfuscation, but we a
Publish At:2019-11-30 07:35 | Read:556 | Comments:0 | Tags:Bad Sites Exploits Internet of Things Malware Open source Sp

Sextortion scammers getting creative

We’ve covered sextortion before, focusing in on how the core of the threat is an exercise in trust. The threat actor behind the campaign will use whatever information available on the target that causes them to trust that the threat actor does indeed have incriminating information on them. (They don’t.) But as public awareness of the scam grow
Publish At:2019-11-26 16:50 | Read:707 | Comments:0 | Tags:Cybercrime Social engineering bitcoin scam sextortion scams

AutoIT-compiled Negasteal/Agent Tesla, Ave Maria Delivered via Malspam

By Miguel Carlo Ang and Earle Maui Earnshaw  We recently saw a malicious spam campaign that has AutoIT-compiled payloads – the trojan spy Negasteal or Agent Tesla (detected by Trend Micro as TrojanSpy.Win32.NEGASTEAL.DOCGC), and remote access trojan (RAT) Ave Maria or Warzone (TrojanSpy.Win32.AVEMARIA.T) – in our honeypots.  The upgrading of payloads from a
Publish At:2019-10-25 14:35 | Read:851 | Comments:0 | Tags:Malware Spam Agent Tesla AutoIT Ave Maria malspam Negasteal

Emotet malspam campaign uses Snowden’s new book as lure

Exactly one week ago, Emotet, one of the most dangerous threats to organizations in the last year, resumed its malicious spam campaigns after several months of inactivity. Based on our telemetry, we can see that the botnet started becoming chatty with its command and control servers (C2), about a week or so before the spam came through. Figure 1: Communic
Publish At:2019-09-23 23:25 | Read:842 | Comments:0 | Tags:Botnets botnet botnets Edward Snowden emotet macros malspam

Emotet is back: botnet springs back to life with new spam campaign

After a fairly long hiatus that lasted nearly four months, Emotet is back with an active spam distribution campaign. For a few weeks, there were signs that the botnet was setting its gears in motion again, as we observed command and control (C2) server activity. But this morning, the Trojan started pumping out spam, a clear indication it’s ready to jum
Publish At:2019-09-20 11:20 | Read:793 | Comments:0 | Tags:Botnets botnet botnets downloader emotet information stealer

Spam and phishing in Q3 2017

Quarterly highlights Blockchain and spam Cryptocurrencies have been a regular theme in the media for several years now. Financial analysts predict a great future for them, various governments are thinking about launching their own currencies, and graphics cards are swept off the shelves as soon as they go on sale. Of course, spammers could not resist the top
Publish At:2017-11-03 07:15 | Read:3043 | Comments:0 | Tags:Featured Spam and phishing reports Malicious spam Malware De

Basetools underground hacking forum breached, hacker demands $50K ransom

Basetools underground hacking forum was breached, hackers demand a $50K ransom to avoid sharing stolen data, including admin identity, with law enforcement. A hacker that goes online with the Twitter handle mat (@0xScripts) has breached a popular underground hacking forum and he is threatening to share the stolen archive to the law enforcement if the adminis
Publish At:2017-10-29 03:55 | Read:5213 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Deep Web Basetools.ws

A new Ursnif Banking Trojan campaign targets Japan

Crooks continues to target Japanese users, now the hackers leverage the Ursnif banking Trojan, aka Gozi, to hit the country. According to researchers at IBM X-Force group, cyber criminals are delivering the infamous malware via spam campaigns that began last month. The Ursnif banking Trojan was the most active malware code in the financial sector in 2016 and
Publish At:2017-10-28 09:30 | Read:4711 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Japan spam Ursn

URSNIF spam campaign expose new macro evasion tactics

Trend Micro recently observed a new campaign leveraging the Ursnif banking Trojan using new malicious macro tactics payload delivery and evade detection. Researchers at Trend Micro have recently spotted a new campaign leveraging the Ursnif banking Trojan featuring new malicious macro tactics for payload delivery. Malicious macros are widely adopted by crook
Publish At:2017-10-22 06:06 | Read:3424 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime macros


Share high-quality web security related articles with you:)


Tag Cloud