Latest Intelligence for August 2017
August saw increases in the malware and spam rates, and new phishing warnings from the IRSRead More Continue reading Latest Intelligence for August 2017
Category Archives: exploit kits
Wireless Exploit Project
I’ve been given a task of doing research for some tools/methods of accomplishing the following goals:
The engineers will scan the 802.11-based signal cloud around your network testing for ways that outsiders could eavesdrop … Continue reading Wireless Exploit Project
Flash Player is Dead, Long Live Flash Player!
Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple, Facebook, Google, Microsoft and Mozilla. But don’t break out the bubbly just yet: Adobe says Flash won’t be put down officially until 2020. Continue reading Flash Player is Dead, Long Live Flash Player!
What does ‘call back IP’ on FuzzBunch stand for?
I have been trying to simulate EternalBlue exploit on a system I own via FuzzBunch.
While playing around with Fuzz Bunch, I realized that there are a couple of options I am not very familiar with.
Questions:
What could I b… Continue reading What does ‘call back IP’ on FuzzBunch stand for?
How to mitigate evil twin WIFI social engineering attack?
I just come across this article: Capturing WPA Passwords by Targeting Users with a Fluxion Attack.
Although WIFI Evil Twin attack and WIFI de-authentication attacks is known for a long time, a mature ease of use WIFI toolk… Continue reading How to mitigate evil twin WIFI social engineering attack?
40,000 Subdomains Tied to RIG Exploit Kit Shut Down
GoDaddy, along with researchers from RSA Security and other companies, shut down tens of thousands of illegal established subdomains tied to the RIG Exploit Kit. Continue reading 40,000 Subdomains Tied to RIG Exploit Kit Shut Down
RoughTed: The anti ad-blocker malvertiser
A look at RoughTed, a purveyor of ad-blocker aware malvertising responsible for a range of scams, exploits, and malware.
Categories:
Cybercrime
Malware
Tags: ad-mavenadwareexploit kitsexploitsMagnitudemalvertisingPUPsRIGRoughTedscamstech support scam… Continue reading RoughTed: The anti ad-blocker malvertiser
Terror Exploit Kit Evolves Into Larger Threat
The Terror exploit kit has matured into a greater threat and carefully crafts attacks based on a user’s browser environment. Continue reading Terror Exploit Kit Evolves Into Larger Threat
Basic phishing emails are so effective that most hackers don’t use exploit kits anymore
Hackers overwhelmingly prefer to target email accounts as their entry point into organizations now, and it’s causing a massive drop in exploit kit usage, according to new research conducted by Symantec. The findings underscore a significant and recent transformation in the way that attackers generally seek to compromise systems; a trend that’s greatly accelerated over the last 12 months, Symantec found. “Malicious activity from exploit kits dropped by 60 percent in 2016, with our research indicating that attackers are now favoring email as a primary infection vector,” Symantec’s 2017 Internet Security Threat Report reads. “[Conversely,] email malware rates increased in 2016, from 1 in 220 emails to 1 in 131 emails” — a statistic largely driven by bot nets dispensing ransomware, said Bill Wright, director of government affairs for Symantec. The change has resulted in a reliance on what Symantec calls “living off the land” tactics. This translates into hackers […]
The post Basic phishing emails are so effective that most hackers don’t use exploit kits anymore appeared first on Cyberscoop.
Terror EK going ‘pro’? Not quite yet
 |
|
| A quick peek into some changes to Terror EK, an underdog exploit kit in development.
Categories: Tags: exploit kitsSundown EKTerror EK |
The post Terror EK going ‘pro’? Not quite yet appeared first on Malwarebytes Labs.