Exploit kits: summer 2018 review

Just like the beach, the EK landscape got a little crowded this summer. Find out what we discovered in our exploit kits summer review.
Categories: Exploits, Threat analysis

Tags: drive-by downloads, drive-bys, EK, EKs, exploit kits, grandsoft, GreenFlash S…

Obfuscated Coinhive shortlink reveals larger mining operation

A web miner injected into compromised sites is just the tip of the iceberg for an infrastructure hosting malicious Windows and Linux coin miners.
Categories: Cryptomining, Threat analysis

Tags: cnhv, coinhive, mining, monero, shortlinks


New macro-less technique to distribute malware

The latest macro-less technique to distribute malware via Office documents does not involve exploits. Just a little bit of social engineering.
Categories: Threat analysis

Tags: deeplink, macro-less, malware, Office, settingcontent-ms


Two major Canadian banks hacked and blackmailed

The information of close to 90,000 customers from Simplii Financial and Bank of Montreal has reportedly been stolen by a group of hackers.
Categories: Cybercrime, Hacking

Tags: BMO, hack, ransom, Simplii


A look into the Drupalgeddon client-side attacks

Back-to-back Drupal zero-day vulnerabilities are being monetized with malicious web cryptominers.
Categories: Cryptomining, Threat analysis

Tags: CMS, content management systems, drupal, drupalgeddon, malicious cryptomining


Adobe Reader zero-day discovered alongside Windows vulnerability

A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape.
Categories: Exploits, Threat analysis

Tags: 0day, adobe, Adobe Reader, CVE-2018-4990, CVE-2018-8120, zero day


Internet Explorer zero-day: browser is once again under attack

Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years.
Categories: Exploits, Threat analysis

Tags: 0day, CVE-2018-8174, zero day


Shoppers Stop tech scam draws from thousands of forced ad injections

The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page.
Categories: Social engineering, Threat analysis

Tags: malvertising, tech su…

Magnitude exploit kit switches to GandCrab ransomware

After being faithful to its own Magniber ransomware for several months, Magnitude EK joins others to adopt GandCrab.
Categories: Exploits, Threat analysis

Tags: EK, exploit kit, gandcrab, Magnitude, ransomware


‘FakeUpdates’ campaign leverages multiple website platforms

Browser update? Do not trust, and do verify before downloading potential malware.
Categories: Social engineering, Threat analysis

Tags: chrome, Chtonic, fake updates, FakeUpdates, firefox, flash, Joomla, malvertising, malware, rat, Squarespace, wordpress
