HackDig : Dig high-quality web security articles for hackers

A fresh massive AdGholas Malvertising campaign infects millions

Researchers at Proofpoint discovered a massive AdGholas Malvertising Campaign infecting as many as 1 million computers per day with several banking trojans. A new massive AdGholas malvertising network discovered by experts at Proofpoint has been infecting as many as 1 million computers per day with several banking trojans. AdGholas operators have been active
Publish At:2017-07-04 19:20 | Read:3376 | Comments:0 | Tags:Breaking News AdGholas Angler EK Cybercrime malvertising mal

AdGholas Malvertising Campaign Employs Astrum Exploit Kit

At the end of April this year, we found Astrum exploit kit employing Diffie-Hellman key exchange to prevent monitoring tools and researchers from replaying their traffic. As AdGholas started to push the exploit, we saw another evolution: Astrum using HTTPS to further obscure their malicious traffic. We spotted a new AdGholas malvertising campaign using the A
Publish At:2017-06-20 11:50 | Read:8024 | Comments:0 | Tags:Bad Sites Ransomware AdGholas Astrum exploit kit malvertisin

CVE-2017-0022 Windows Zero-Day flaw used by AdGholas hackers and it was included in Neutrino EK

The recently patched CVE-2017-0022 Windows Zero-Day vulnerability has been exploited by threat actors behind the AdGholas malvertising campaign and Neutrino EK since July 2016. Microsoft has fixed several security flaws with the March 2017 Patch Tuesday updates. According to security experts at Trend Micro, the list of fixed vulnerabilities includes three fl
Publish At:2017-03-26 01:15 | Read:4806 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware AdGholas CVE-2017-

CVE-2017-0022: Microsoft Patches a Vulnerability Exploited by AdGholas and Neutrino

Part of this month’s Patch Tuesday is an update for a zero-day information disclosure vulnerability (CVE-2017-0022), which we privately reported to Microsoft in September 2016. This vulnerability was used in the AdGholas malvertising campaign and later integrated into the Neutrino exploit kit. CVE-2017-0022 likely replaced the similar CVE-2016-3298 and CVE-2
Publish At:2017-03-24 18:50 | Read:5136 | Comments:0 | Tags:Exploits Vulnerabilities AdGholas Vulnerability exploit

CVE-2016-3298: Microsoft Puts the Lid on Another IE Zero-day Used in AdGholas Campaign

Microsoft’s Patch Tuesday for October fixed another previous zero-day vulnerability in Internet Explorer (IE) via MS16-118 and MS16-126: CVE-2016-3298. Before the lid was put on it, the security flaw was employed alongside CVE-2016-3351 by operators of the AdGholas malvertising campaign, analysis and disclosure of which were made with our collaboration with
Publish At:2016-11-19 12:05 | Read:4616 | Comments:0 | Tags:Exploits Vulnerabilities AdGholas CVE Internet Explorer malv


Share high-quality web security related articles with you:)