HackDig : Dig high-quality web security articles

Spelevo exploit kit debuts new social engineering trick

2019 has been a busy year for exploit kits, despite the fact that they haven’t been considered a potent threat vector for years, especially on the consumer side. This time, we discovered the Spelevo exploit kit with its virtual pants down, attempting to capitalize on the popularity of adult websites to compromise more devices. The current Chromium-d
Publish At:2019-12-18 16:50 | Read:2406 | Comments:0 | Tags:Threat analysis EK exploit kit Gozi malvertising Qakbot Qbot

Exploit kits: fall 2019 review

Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge. Based on our telemetry, these drive-bys are happening worldwide (with the exception of a few that are geo-targeted) and are fueled by malvertising
Publish At:2019-11-19 16:50 | Read:3099 | Comments:0 | Tags:Exploits and vulnerabilities Capesand EK exploit kit Fallout

A Look At A Neutrino EK Distributor

We’ve spotted a distribution channel for the Neutrino exploit kit which starts with malicious iframe injections. Digging a little more, we found what appears to be an infrastructure set up to handle traffic from multiple geolocations, much like a Traffic Distribution System (TDS). Initially, there was no intermediary between compromised sites and the T
Publish At:2016-04-06 21:35 | Read:5344 | Comments:0 | Tags:Exploits EK exploit neutrino

Gate To Nuclear EK Uses Fake CloudFlare DDoS Check

There has been a lot of talk about Nuclear EK recently, following Sucuri’s discovery about a large number of WordPress sites getting compromised to redirect to the exploit infrastructure. Here is another interesting spin: a Nuclear EK gate using a decoy CloudFlare DDoS check page while instead loading a malicious redirection that ultimately triggers th
Publish At:2016-02-08 18:15 | Read:5602 | Comments:0 | Tags:ExploitKits EK exploit fake Nuclear wordpress Cloud DDOS

Magnitude Exploit Kit Activity Increases Via Malvertising Attacks

During the past few days we have noticed a higher than usual number of malvertising attacks pushing the Magnitude exploit kit – which had been relatively quiet – to drop ransomware. Magnitude EK is one of those exploit kits we don’t hear about as much in comparison to others such as Angler EK or Nuclear EK. Its unique URL pattern makes it e
Publish At:2015-11-13 09:00 | Read:5707 | Comments:0 | Tags:Exploits Malvertising CVE-2015-7645 EK exploit kit Magnitude


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud