HackDig : Dig high-quality web security articles

A week in security (April 18 – 24)

Last week on Malwarebytes Labs: Why you shouldn’t automate your VirusTotal uploadsNorth Korean Lazarus APT group targets blockchain tech companiesWatch out for Ukraine donation scammers in Twitter repliesBeware tragic “my daughter died…” Facebook posts offering free PS5sUS warns of APT groups that can “gain full system access” to some industrial cont
Publish At:2022-04-25 08:51 | Read:1069 | Comments:0 | Tags:A week in security elon musk Lazarus Oracle Pegasus scrape p

Why you shouldn’t automate your VirusTotal uploads

p>It is important to realize that uploading certain files to VirusTotal may result in leaking confidential data, which could result in a breach of confidentiality, or worse. We have warned against uploading personal information, as does VirusTotal itself on their home page. But apparently some organizations have automated the uploading of email attachment
Publish At:2022-04-18 12:48 | Read:2171 | Comments:0 | Tags:101 attachments BSI TLP virustotal Virus

Since 2020, at least 130 different ransomware families have been active

The popular Google’s VirusTotal scanning service has published an interesting analysis of more than 80 Million ransomware samples. VirusTotal has published its first ransomware activity report based on the analysis of more than 80 million samples that have been uploaded from 140 countries worldwide. Since 2020, at least 130 different ransomware families h
Publish At:2021-10-14 18:20 | Read:1992 | Comments:0 | Tags:Breaking News Malware Reports Cybercrime Hacking hacking new

Babuk ransomware builder leaked following muddled “retirement”

In the last days of April 2021, the operators of Babuk ransomware announced they were going to focus on demanding a ransom for information stolen from compromised networks, leaving the encryption part of their operation behind. It meant that they no longer needed ransomware at all. “Babuk changes direction, we no longer encrypt information on networks, we
Publish At:2021-06-30 13:12 | Read:1543 | Comments:0 | Tags:Ransomware Reports Babuk decryption MPD raas source code vir

Adventures in Contacting the Russian FSB

KrebsOnSecurity recently had occasion to contact the Russian Federal Security Service (FSB), the Russian equivalent of the U.S. Federal Bureau of Investigation (FBI). In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual priva
Publish At:2021-06-07 11:58 | Read:1301 | Comments:0 | Tags:A Little Sunshine BadB C# CryptoPro fbi Federal Security Ser

4 things you should know about testing AV software with VirusTotal’s free online multiscanner

As COVID-19 soldiers on, small and medium-size businesses now feel as ripe for malware attacks as deep-pocketed multinationals. SMBs see that, along with remote work, our pandemic has also brought troubling new holes to their security. This means cybercriminals—equal opportunity charlatans that they are—now simply cast wider nets to snare any and all busi
Publish At:2021-05-18 14:49 | Read:1504 | Comments:0 | Tags:Opinion av testing SMB Trust & Confidence virustotal Virus

Breaking free from the VirusTotal silo: Lock and Code S02E07

This week on Lock and Code, we speak to Malwarebytes Chief Information Security Officer John Donovan about the flaws in using VirusTotal as the one source of truth when evaluating whether or not a cybersecurity tool actually works. It’s a practice that is surprisingly common. Weeks ago, Malwarebytes Labs released the SMB Cybersecurity Trust & C
Publish At:2021-04-26 14:04 | Read:1541 | Comments:0 | Tags:Podcast lock and code lock and code podcast small businesses

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious fi
Publish At:2021-04-16 09:45 | Read:1578 | Comments:0 | Tags:A Little Sunshine CVE-2020-4006 Cybersecurity Infrastructure

Carbon Emissions: Oversharing Bug Puts Security Vendor Back in Spotlight

Last week, security firm DirectDefense came under fire for over-hyping claims that Cb Response, a cybersecurity product sold by competitor Carbon Black, was leaking proprietary data from customers who use it. Carbon Black responded that the bug identified by its competitor was a feature, and that customers were amply cautioned in advance about the potential
Publish At:2017-08-18 22:55 | Read:5891 | Comments:0 | Tags:Other Amazon Macie Carbon Black DirectDefense Mike Viscuso s

See Our Threat Analysis of University College London Ransomware Attack

Ransomware has hit the news again in the UK today only a few short weeks since the WannaCry outbreak crippled the National Health Service. This time University College London (UCL) was hit by a ransomware strain which has resulted in them having to take down parts of their network to stop infected machines harming key university data. Credit to UCL for what
Publish At:2017-06-16 17:15 | Read:8185 | Comments:0 | Tags:Breaking News Threats analysis anti-virus browsing cause det

Process Explorer: An introduction

When Microsoft acquired Sysinternals in 2006, one of the most famous tools it gained was Process Explorer. For Windows operating systems (OS), especially those up to and including Windows 7, Process Explorer is an excellent replacement for Task Manager. It offers a much clearer view of what is going on and has a lot more options. Besides the options the regu
Publish At:2016-05-03 22:35 | Read:7962 | Comments:0 | Tags:101 How-tos malware Pieter Arntz process explorer sysinterna

What’s in a name?

Any time a malware variant hits the news we get numerous requests for information. It is typically quite difficult to provide any information based on names that have been given to threats. A simple way to illustrate this is by using a service such as Virustotal and seeing what name other AV companies use for the same threat. I found a recent article about a
Publish At:2015-12-02 19:30 | Read:10915 | Comments:0 | Tags:Threat Research Malware name virustotal

Stealthy GlassRAT Spies on Commercial Targets

A remote access Trojan used sparingly in targeted attacks has been found after living under cover for three years, undetected by most security gear.The RAT, dubbed GlassRAT, was signed with a certificate belonging to a popular Chinese software company with hundreds of millions of users worldwide. The RAT was used to spy on Chinese nationals working in commer
Publish At:2015-11-24 04:35 | Read:5945 | Comments:0 | Tags:Malware cyberespionage Espionage malware GlassRAT Kent Backm

VirusTotal Now Scans Mac Apps for Malware in a Sandbox

VirusTotal, a popular online file scanning service that analyzes files and URLs for the identification of malware, is now executing suspicious Mac apps inside a sandbox to improve its analysis and detection of Mac malware. VirusTotal now extracts behavioral information from scanned Mac executable files, an important step forward for the Google-owned file sca
Publish At:2015-11-20 01:30 | Read:6471 | Comments:0 | Tags:Security News antivirus apps Google Mac malware OS X Sandbox

VirusTotal Adds Sandbox Execution for OS X Apps

Mac malware is a thing. It’s real. Granted it hasn’t reached the critical mass of malicious code for Windows, but recent encounters with WireLurker, XcodeGhost and YiSpecter among others have elevated the conversation to levels where it’s been legitimized.Adding further credence, Google-owned online malware scanner VirusTotal this week anno
Publish At:2015-11-19 16:05 | Read:9572 | Comments:0 | Tags:Apple Google Malware Web Security apple google Mac OS X Malw

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud