Hacker Tools and Techniques: Underground Sites and Hacking Groups
- March 27, 2020
Insurance giant Chubb confirmed it is investigating an incident that may involve the Maze ransomware group, which claims to have stolen sensitive data from the company.
- March 19, 2020
The infamous Maze gang announced it has stopped ransomware attacks on healthcare and medical facilities because of the seriousness of the coronavirus pandemic.
- January 30, 2020
Payment card information from customers of the convenience store chain Wawa has reportedly gone up for sale on the dark web, though questions about the breach remain.
- January 28, 2020
Three alleged cybercriminals suspected of being associated with Magecart were arrested in Indonesia via an Interpol-assisted operation called Operation Night Fury.
- October 01, 2019
German authorities arrested seven in a raid of bulletproof hosting company CyberBunker -- which was housed in a former NATO bunker -- for allegedly hosting dark web marketplaces.
- August 06, 2019
Security vendor LogicHub introduced new features to its SOAR platform that are intended to automate tedious threat detection and response processes and save security teams time.
- April 24, 2019
Cybersecurity firm Flashpoint updated its threat intelligence platform to better address evolving techniques and practices on the dark web, such as encrypted chat usage.
- January 10, 2019
New research from McAfee refutes the connection between recent Ryuk ransomware attacks and the North Korean government. Instead, it points the finger at cybercriminals.
- September 14, 2018
News roundup: The British Airways data breach may be the handiwork of hacking group Magecart, according to researchers. Plus, hacker Guccifer will be extradited to U.S., and more.
- August 02, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors talk about the SamSam ransomware campaign, which may be the work of a single hacker who's made nearly $6 million.
- August 02, 2018
The FBI arrested three members of the FIN7 cybercrime gang -- also known as the Carbanak Group -- for targeting more than 100 businesses and stealing 15 million credit card records.
- August 02, 2018
The SearchSecurity team covers the latest threats and vulnerabilities featured at this year's Black Hat USA with news, interviews and more from Las Vegas.
- July 31, 2018
A new PoC attack using Spectre variant 1 called NetSpectre marks the first time Spectre v1 has been exploited remotely, although questions remain on the practicality of the attack.
- July 13, 2018
Researchers discovered two new Spectre variants that can be used to bypass protections and attack systems and earned $100,000 in bug bounties from Intel.
- May 22, 2018
Recorded Future's Levi Gundert discusses how the Iranian government uses proxies and contractors to launch cyberattacks, and how its strategy presents challenges for the country.
- May 21, 2018
Recorded Future's Levi Gundert explains why major cyberattacks against Western enterprises are expected to resume following the United States' withdrawal from the Iran nuclear deal.
- April 27, 2018
Webstresser.org, a popular DDoS-for-hire website, was taken down by several law enforcement agencies across the globe. Details are sparse, but arrests have reportedly been made.
- April 26, 2018
SecureWorks researchers uncovered an extensive business email compromise campaign targeting the maritime shipping industry, which may have cost organizations millions of dollars.
- February 08, 2018
The U.S. Department of Justice announced the shutdown of the Infraud Organization, which authorities claim is responsible for global cyberfraud losses in excess of $530 million.
- December 22, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rising threat of cryptojacking and how hackers can steal computing power from unsuspecting users.
- December 14, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent bitcoin boom and how the cryptocurrency's rising value could affect the cybersecurity landscape.
- October 17, 2017
Researchers discover a WPA2 vulnerability and brand it KRACK, but some experts say the early reports overstate the risk of the flaw and downplay the difficulty of an exploit.
- September 28, 2017
A security researcher describes the network lateral movement process from an attacker's perspective and a few key points of focus for IT pros, at DerbyCon.
- September 21, 2017
An undocumented Word feature found by Kaspersky Lab could lead to system information theft and affects users on both PCs and mobile devices.
- July 21, 2017
Cooperation between law enforcement from around the world led to the shutdown of the AlphaBay and Hansa dark web markets and potential leads of illegal vendors.
- July 05, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the NotPetya ransomware, its impact and the growing trend of sophisticated ransomware attacks.
- June 23, 2017
The Brutal Kangaroo USB malware leaked from the CIA's Vault 7 could pose a threat to air-gapped computers if hackers reverse-engineer it.
- June 08, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Shadow Brokers' monthly service for zero-day exploits and how it may affect enterprise security efforts.
- May 25, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Microsoft's sharp criticism of the NSA over the EternalBlue Windows vulnerability and WannaCry ransomware.
- May 23, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors look at the devastation caused by the WannaCry ransomware worm and discuss how it could have been prevented.
- April 28, 2017
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them.
- April 19, 2017
A new type of ransomware as a service has appeared on the dark web, with unique features and an inexpensive price to attract malicious actors.
- April 18, 2017
A new release of NSA cyberweapons falls flat, as Windows exploits from the Shadow Brokers have mostly been patched. But unsupported systems are still at risk.
- April 14, 2017
The Shadow Brokers released another cache of cyberweapons linked to the Equation Group, including Windows exploits and attack details for the SWIFT banking system.
- April 14, 2017
Security researchers discovered a new reflection attack method using CLDAP that can be used to generate destructive but efficient DDoS campaigns.
- March 17, 2017
Although minting authentication cookies is not widely understood, the Yahoo hacker indictments have brought it to the forefront and shown it can be very dangerous.
- February 14, 2017
Microsoft's Brad Smith spoke at RSA Conference 2017 about the effects of nation-state cyberattacks and what businesses and governments can do about them.
- January 25, 2017
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the Shadow Brokers' alleged exploit for Windows SMB and what it means for both enterprises and Microsoft.
- January 20, 2017
Researchers find the Carbanak gang has evolved its attacks on financial institutions to use Google services for command and control infrastructure in malware.
- December 14, 2016
A major Netgear security vulnerability in routers prompted experts to suggest abandoning products, as Netgear finally releases a beta patch.
- December 14, 2016
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the takedown of Avalanche, the crimeware as a service operation, and why the victory may be short lived.
- December 02, 2016
Authorities from 30 countries have dismantled Avalanche, the crimeware-as-a-service network used to steal hundreds of millions from victims around the globe.
- September 30, 2016
In part two of his interview with SearchSecurity, MobileIron's James Plouffe talks about his role as a technical consultant on 'Mr. Robot' and how the show achieves its authenticity.
- September 20, 2016
Cisco warns that an as-yet unpatched vulnerability derived from Shadow Brokers' BENIGNCERTAIN hacking tool is being exploited in the wild.
- September 16, 2016
Exploit kits make the job of an attacker much easier but can be defended against easily by understanding the vulnerabilities and software they most often target.
- August 29, 2016
A new remote iOS exploit called Pegasus leverages three zero days in what appear to be state-sponsored targeted attack campaigns against political dissidents.
- August 25, 2016
More unanswered questions remain about the Shadow Brokers' release of NSA/Equation Group cyberweapons cache, as vendors move to mitigate and researchers search for vulnerabilities.
- August 19, 2016
Mystery continues to surround the Shadow Brokers' release of Equation Group vulnerability exploits and hacking tools, as vendors scramble to patch zero days.
- August 16, 2016
Cyberweapons purportedly stolen from the NSA-linked Equation Group have been put up for auction; WikiLeaks promises it will publish a 'pristine copy in due course.'
- August 09, 2016
Amid varying attacks targeting IoT devices at Black Hat 2016, a new software proxy offered leverage against the latest Bluetooth LE security protections.
- July 29, 2016
Researchers discovered attempts to snoop on dark web servers through malicious changes to Tor Project hidden services directories.
- June 16, 2016
The Lurk group hacker arrests in Russia came at the same time as the shutdown of a major exploit kit, ransomware family and botnet, but no one is sure if it is coincidence or causation.
- March 04, 2016
The cybersecurity industry is getting closer to artificial intelligence that can find and patch software bugs automatically, but that same tech could lead to autonomous hacking.
- March 03, 2016
Defense Secretary Ashton Carter announces the 'Hack the Pentagon' bug bounty program and new Defense Innovation Advisory Board to be headed by Eric Schmidt.
- January 19, 2016
David Chaum presents Internet anonymity tool PrivaTegrity, using the cMix mix network for reliable, high-performance Internet anonymity and protection against attacks or unauthorized backdoors.
- December 01, 2015
Samy Kamkar found a weakness in the algorithm American Express uses to generate replacement card information and created a credit card hack as a proof-of-concept.
- September 17, 2015
There is growing concern about cyberespionage in the U.S. after a financially motivated hacker group stole inside information to make millions from insider trading schemes.
- September 16, 2015
A new report details how attackers can fly under the radar by using stolen credentials in order to avoid breach detection and forgoing the use of malware in malicious activity.
- August 05, 2015
Cybercrime has developed substantially due to bulletproof hosting service efficiency. Trend Micro's report explains how and why these services evade law enforcement officials and remain online.
- July 31, 2015
The recently shut down Darkode cybercriminal community has been rebuilt, and claims the administrators are intact and security will be tightened to better avoid law enforcement.
- July 24, 2015
News roundup: A wireless car hack demonstration has pushed vehicle security legislation and DMCA exemptions into the spotlight, and prompted a manufacturer recall. Plus: Hacking Team update; DHS email issues; and smartwatches vulnerable to attack.
- July 17, 2015
The U.S. Department of Justice, in coordination with 20 countries, has taken down the computer hacking forum known as Darkode, but experts say the community is already rebuilding.
- July 08, 2015
A mysterious hacker group has hit a number of major U.S. companies with the intent of committing industrial espionage, according to new security research reports.
- June 26, 2015
News roundup: Sometimes the least of threats -- such as click fraud -- can end up being the bigger issues -- like ransomware. Plus: U.S. Navy won't let go of XP; U.S./China cyber code of conduct; and more!
- April 22, 2015
Huawei's U.S. CSO pitched the rigor of its supply chain security processes to RSA Conference 2015 attendees, but they remained skeptical at best on whether to trust the Chinese networking and security vendor.
- April 14, 2015
A '60 Minutes' interview Sunday revealed that not only did Sony Pictures fall victim to well-known, off-the-shelf malware, but that the attackers also destroyed thousands of computers and servers after stealing the data.
- April 08, 2015
The Websense 2015 Threat Report claims that cybersecurity threats are getting more complex, but one expert says the trends aren't anything new.
- March 20, 2015
News roundup: Researchers at the 2015 Pwn2Own exploited every major Web browser, casting doubt on browser security once again. Plus: high-severity OpenSSL update; IE being phased out in Windows 10; Americans dodging online surveillance.
- March 13, 2015
Experts agree that the Rowhammer vulnerability likely isn't an immediate threat to enterprises, but disagree on whether hardware vulnerabilities are about to reach a tipping point.
- March 10, 2015
Google's Project Zero has detailed a new proof-of-concept exploiting the "rowhammer" DRAM flaw to allow for root access on various operating systems.
- December 03, 2014
According to one expert, the FIN4 attack group's successful advanced phishing operations prove that phishing attacks can't be thwarted solely with user awareness training.
- November 25, 2014
Industry observers say the unveiling of the Regin malware, which came after more than half a decade in the wild, highlights the need for better detection methods.
- September 09, 2014
The home improvement retailer confirms its customers' payment card data was breached in an incident that is believed to have begun in April, likely compromising millions of card accounts.
- August 06, 2014
At Black Hat USA 2014, keynote speaker Dan Geer said bounding system dependencies was the only hope for managing the risks of complexity.
- July 15, 2014
Video: BeyondTrust's Marc Maiffret explains why simple attacks are often more effective than advanced threats.
- April 10, 2014
The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses.
- March 18, 2014
Researchers at the 2014 Pwn2Own contest bypassed application sandboxing repeatedly, proving even the most secure applications can be vulnerable.
- February 19, 2014
Attackers may be able to use Windows crash data to find their targets' weaknesses, but enterprises can turn the tables via better anomaly detection.
- January 16, 2014
With news of more retail breaches imminent, experts say point-of-sale security is just one of many payment-processing infrastructure problems.
- September 27, 2013
As enterprises try to turn toward more proactive defense measures, open source intelligence could prove to be a valuable tool, an expert panel said.
- September 25, 2013
A researcher at the 2013 (ISC)2 Security Congress said exploit kits have revolutionized malware creation, even lowering the bar for targeted attacks.
- September 17, 2013
Symantec has linked a China-based hacking group, dubbed 'Hidden Lynx,' with several recent, large-scale cyberattacks, including one against Bit9.
- August 01, 2013
After a contentious opening keynote by NSA Director Gen. Keith Alexander, day one of Black Hat 2013 showed smart device hacks, severe SCADA issues.
- May 06, 2013
The Chinese government's alleged cyber-espionage arm remains active after a quiet period, using the same tactics revealed in Mandiant's APT1 report.
- April 18, 2013
Big Yellow's annual report indicates a threefold rise in targeted attacks against SMBs as attackers search beyond big firms for susceptible targets.
- March 22, 2013
Former U.S. national security advisor Greg Rattray believes better cybersecurity intelligence is needed to combat a growing "Internet underground."
- March 04, 2013
Tillmann Werner of CrowdStrike wowed onlookers with a live 'sinkholing' demonstration, taking down the Kelihos P2P botnet.
- February 27, 2013
Chinese cyberattacks rely on spear phishing and overwhelming numbers, not sophisticated attack methods, says a researcher at RSA Conference 2013.
- October 30, 2012
Hackers share attack techniques and vulnerability information, shedding light on what threats matter most, according to a new study.
- September 07, 2012
Cybercriminals tied to the 2009 Aurora attacks have used a flurry of zero-day exploits and a new "watering hole" attack technique in targeted campaigns.
- September 04, 2012
Social engineering tactics often involve email attachments targeting various industry sectors, says the security firm.
- August 16, 2012
The search engine giant is doubling its payout when it holds its Pwnium 2 hacking contest in October at the Hack In the Box conference in Malaysia.
- July 25, 2012
Don Weber of InGuardians is releasing his smart meter hacking tool, but only to utilities, vendors and vendor-vetted researchers.
- July 25, 2012
The analysis environment aims to provide free access to millions of malware samples, according to Rodrigo Branco, who is unveiling the system at Black Hat 2012.
- July 20, 2012
Android app security, Near Field Communication and baseband processor attacks will be under a spotlight in the mobile track at Black Hat 2012.
- July 18, 2012
Insider Jennifer Jabbusch Minella ranks the top 10 Black Hat 2012 sessions on the conference agenda.
- July 17, 2012
Attack toolkits have grown in sophistication as cybercriminals add better code obfuscation and other techniques to avoid detection and improve attack effectiveness.
- June 21, 2012
Hacktivist group UGNazi says it caused multiple Twitter outages Thursday. Update: Twitter says a "cascading bug" was to blame.
- April 18, 2012
Security researchers try to get a better understanding of their adversary, but probing Anonymous is proving to be a difficult challenge.
- March 19, 2012
The Duqu Trojan’s communications module was written in a custom version of C—indicating a sophisticated professional development team at work.