HackDig : Dig high-quality web security articles for hacker

A Week in Security (May 08 – May 14)

Last week, we saw spam posts suddenly appearing on a celebrity’s website, talked about a malvertising campaign on Blogger, dissected a fake KPN email that led to the CTB Locker ransomware, and unmasked several tech support scam actors to put a stop to criminals banking on the Malwarebytes brand. Senior Security Researcher Jérôme Segura reported a hacki
Publish At:2016-05-16 20:50 | Read:3252 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (May 01 – May 07)

Last week, we gave a comprehensive introduction about Process Explorer, analyzed an Amazon Prime spam, and presented our readers some telltale signs that show their systems are infected with malware. We also stressed our stand against paying the ransom if users find their system has ransomware. Malware Intelligence Analyst Jovi Umawing published a malicious
Publish At:2016-05-10 00:35 | Read:2906 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (Apr 24 – Apr 30)

Last week, we talked about another scam that promised to reward iPhone 6s units, a fake Donald Trump spam that leads to a supposed torrent site, and a bogus LastPass browser extension found on the Chrome Web Store. Senior Security Researcher Jérôme Segura discussed the latest malvertising campaign on The Pirate Bay, somewhat a repeat of what we documented a
Publish At:2016-05-03 22:35 | Read:3040 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (Apr 17 – Apr 23)

Last week, we talked about a compromise on the 55 million registered voters in the Philippines, the return of tech support scammers—with fake AV in tow—and some other interesting finds we have outline below: Senior Security Researcher Jérôme Segura revealed that malicious actors are using a fake social button plugin (those that we commonly see on websites t
Publish At:2016-04-26 08:05 | Read:4075 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (Apr 10 – Apr 16)

Last week, we talked about persistent tech support scammers, a BMW 419 scam, uncovered a malvertising campaign on a popular photo leak forum, and addressed (as best as we can) the survey feedback we received from our PUP Friday readers. We also raised the question of whether one would store their data on the cloud or not. On top of this, we released an infog
Publish At:2016-04-19 11:50 | Read:2919 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (Apr 03 – Apr 09)

Last week, we touched on a Twitter spam that lures one to hack accounts, got personal with tech support scammers, witnessed another fake iPhone discount news, talked about an “advertisement downloader“, and brought to light a very odd spam. Senior security researcher Jérôme Segura informed us that Adobe released a new patch for a 0-day vulnerabil
Publish At:2016-04-12 05:15 | Read:3656 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (Mar 13 – Mar 19)

Last week, we touched on a 419 scam, modding on games (in general), a much talked about iCloud scam that “may be worse than ransomware”—not to mention a number of threats targeting Apple users—and a Steam scam. Senior security researcher Jérôme Segura had once again unearthed a couple of malvertising campaigns. First, Segura revealed another roun
Publish At:2016-03-21 23:55 | Read:2818 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Mar 06 – Mar 12)

Last week, our resident Mac expert Thomas Reed commented on KeRanger, the first ransomware targeting the OSX platform. We also found the “least visually convincing” 419 spam mail to date. In addition, we took apart Cerber, a new Ransomware-as-a-Service (RaaS) that others believe originated from the Russian underground. When it comes to RaaS, affi
Publish At:2016-03-15 04:25 | Read:3442 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Feb 28 – Mar 05)

Last week, we touched on a Facebook video spam, a fake Google Docs phishing site, and a technical yet comprehensive (at least to those who know coding) tut on how to deobfuscate malicious VBScript files. When the ransomware variant known as Locky began to make headlines, malware analyst Hasherezade dissected several samples and explained their behaviour in t
Publish At:2016-03-08 09:30 | Read:4236 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Feb 14 – Feb 20)

Last week, we proudly revealed a number of brand new stuff from Malwarebytes: an enterprise solution, logo, and website. Heck, this blog was even renamed to Malwarebytes Labs. Do check out that post by our CEO Marcin Kleczynski for more details. We also talked about doxing—what it is and why it is illegal—and how one can protect themselves from it; revealed
Publish At:2016-02-23 01:55 | Read:3995 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Feb 07 – Feb 13)

  It’s time for our weekly roundup of all things Infosec! On the blog, we covered Safer Internet Day and then followed up with a very unsafe Internet, in the form of DMA Locker Ransomware. We took a look at a reasonably rare example of Airbnb phishing, and also explained how you can do your best to steer clear of PUPs. We finished things off with
Publish At:2016-02-17 01:15 | Read:3103 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Jan 31 – Feb 6)

It’s Monday, which means we have a roundup! Over the past week on Malwarebytes Unpacked, we’ve moved from a vulnerability disclosure and launch of a bug bounty program to a new form of Ransomware called DMA Locker. Nuclear Exploit Kit returned to cause problems with a large WordPress compromise campaign, and we weighed in on a problematic situati
Publish At:2016-02-08 18:15 | Read:3928 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Jan 17 – Jan 23)

Roundup time! Last week was definitely a busy one, with Malvertising on MSN.com, and a faintly dramatic tech-support scam riding roughshod over the good name of Symantec. Elsewhere, we had the inevitable Donald Trump themed spam mails, and some fantastic Malwarebytes news. We rounded off the last seven days with great deep-dives into powershell restrictions
Publish At:2016-01-26 04:45 | Read:3383 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Jan 10 – Jan 16)

  It’s time for our weekly roundup! First off, a look at the items covered on the blog this past week. We explored the oft-ignored world of Windows Vaults, and the pros and cons of storing credentials. Elsewhere, we had an extensive deep dive into Ransom32, a particularly troublesome form of Ransomware which has a lot of secrets tucked away in its
Publish At:2016-01-18 15:55 | Read:3529 | Comments:0 | Tags:Online Security recap weekly blog roundup

A Week in Security (Jan 03 – Jan 09)

Last week, we sent our readers a survey that they may want to check out and answer. We created it in the hopes of improving our PUP Friday posts. We also spotlighted on a defaced UK site, questioned the veracity of the data behind the Mac OS X being “the most vulnerable of 2015”, and delved into another phishing campaign on Facebook, claiming dis
Publish At:2016-01-11 21:10 | Read:2999 | Comments:0 | Tags:Online Security recap weekly blog roundup

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud