Magnitude exploit kit switches to GandCrab ransomware

After being faithful to its own Magniber ransomware for several months, Magnitude EK joins others to adopt GandCrab.
Categories: Exploits, Threat analysis

Tags: EK, exploit kit, gandcrab, Magnitude, ransomware


Security researchers sinkholed EITest infection chain

Security researchers have managed to neutralize “EITest,” one of the oldest infection chains, thereby preventing as many as two million potential malicious redirects a day.

About EITest

EITest relied on compromised websites – mostly W…

With cryptojacking rising, exploit kits rapidly decline

Hackers don’t play favorites. Criminals rob banks because that’s where the money is and, for a long time, hackers deployed exploit kits because that’s what worked. But exploit kit development cratered by 62 percent in 2017, driven by the rise of cryptojacking, improved browser security and specific victim targeting, according to a new report from Recorded Future. An exploit kit is software that automates the process of identifying and exploiting vulnerabilities on targets. Exploit kits are relatively easy to use and can be powerful when deployed. The exploit kit business has been around for well over a decade, providing a steady income for illicit developers and serious weapons for cybercriminals. The 2017 decline follows major shifts in the exploit kit landscape dating back to 2016, when a number of the leaders in the exploit kit market ceased operations. That trend is credited in large part to the decline in available zero-day vulnerabilities. Cryptojacking […]

The post With cryptojacking rising, exploit kits rapidly decline appeared first on Cyberscoop.


Hermes ransomware distributed to South Koreans via recent Flash zero-day

An uncommon exploit kit adds a fresh Flash Player exploit to distribute the Hermes ransomware in South Korea.
Categories: Exploits, Threat analysis

Tags: CVE-2018-4878, EK, exploit kit, Flash, Hermes, ransomware


Avzhan DDoS bot dropped by Chinese drive-by attack

The Avzhan DDoS bot is back in the wild again, this time being dropped by a Chinese drive-by attack. In this post, we’ll take a deep dive into its functionality and compare the sample we captured with the one described in the past.
Categories: M…


Drive-by download campaign targets Chinese websites, experiments with exploits

This custom-made drive-by download attack targets some Chinese websites and their visitors while experimenting with exploits.
Categories: Threat analysis

Tags: Chinese, coinhive, drive-by, EK, exploit kit, exploits, Flash Player, Internet Explorer, svchost.exe…
