HackDig : Dig high-quality web security articles for hacker

Exploit kits: fall 2019 review

Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge. Based on our telemetry, these drive-bys are happening worldwide (with the exception of a few that are geo-targeted) and are fueled by malvertising
Publish At:2019-11-19 16:50 | Read:275 | Comments:0 | Tags:Exploits and vulnerabilities Capesand EK exploit kit Fallout

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez. We discovered a new exploit kit named Capesand in October 2019. Capesand attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer (IE). Based on our investigation, it also exploits a 2015 vulnerability for IE. It seems the cybercriminals behind the exploit kit are continuo
Publish At:2019-11-12 02:35 | Read:122 | Comments:0 | Tags:Exploits Malware Blockchain Capesand exploit kit exploit

New Disdain Exploit Kit Detected in the Wild

By Chaoying Liu and Joseph C. Chen. The exploit kit landscape has been rocky since 2016, and we’ve observed several of the major players—Angler, Nuclear, Neutrino, Sundown—take a dip in operations or go private. New kits have popped up sporadically since then, sometimes revamped from old sources, but none have really gained traction. Despite that fact,
Publish At:2017-08-17 08:05 | Read:3138 | Comments:0 | Tags:Exploits exploit kit exploit

ProMediads Malvertising and Sundown-Pirate Exploit Kit Combo Drops Ransomware and Info Stealer

With additional insights/analysis from Chaoying Liu. We’ve uncovered a new exploit kit in the wild through a malvertising campaign we’ve dubbed “ProMediads”. We call this new exploit kit Sundown-Pirate, as it’s indeed a bootleg of its precursors and actually named so by its back panel. ProMediads has been active as early as 2016, employing Rig and Sundown exp
Publish At:2017-07-19 15:35 | Read:3987 | Comments:0 | Tags:Bad Sites Exploits exploit kit LockPOS malvertising ProMedia

AdGholas Malvertising Campaign Employs Astrum Exploit Kit

At the end of April this year, we found Astrum exploit kit employing Diffie-Hellman key exchange to prevent monitoring tools and researchers from replaying their traffic. As AdGholas started to push the exploit, we saw another evolution: Astrum using HTTPS to further obscure their malicious traffic. We spotted a new AdGholas malvertising campaign using the A
Publish At:2017-06-20 11:50 | Read:6579 | Comments:0 | Tags:Bad Sites Ransomware AdGholas Astrum exploit kit malvertisin

Will Astrum Fill the Vacuum in the Exploit Kit Landscape?

The decline of exploit kit activity—particularly from well-known exploit kits like Magnitude, Nuclear, Neutrino, and Rig during the latter half of 2016—doesn’t mean exploit kits are throwing in the towel just yet. This is the case with Astrum (also known as Stegano), an old and seemingly reticent exploit kit we observed to have been updated multiple times as
Publish At:2017-05-18 23:10 | Read:4396 | Comments:0 | Tags:Exploits Vulnerabilities Astrum diffie-hellman exploit kit e

EITest Corners Chrome Users with Social Engineering, Delivers Fleercivet Trojan

There are numerous ways to redirect a user to an exploit kit. Some of these methods are quite sophisticated. Take pseudo-Darkleech, for instance. This attack campaign injects malicious code into WordPress core files. That code creates a malicious iframe that redirects the user to a landing page for an exploit kit. In so doing, the campaign builds off Darklee
Publish At:2017-01-23 02:15 | Read:3573 | Comments:0 | Tags:Cyber Security Featured Articles Exploit Kit malware social

Got Outdated Software? RIG Exploit Kit and Cerber Ransomware Hope You Say ‘Yes’

Some digital threats are more serious than others but when it comes to unpatched software, nothing’s worse than an exploit kit. These software packages come preprogrammed with the ability to exploit active security issues on vulnerable computers. If they find one such hole agape, they’ll use their exploit code to download ransomware and other badd
Publish At:2017-01-20 00:35 | Read:4232 | Comments:0 | Tags:Cyber Security Featured Articles Exploit Kit pseudo-Darkleec

Updated Sundown Exploit Kit Uses Steganography

This year has seen a big shift in the exploit kit landscape, with many of the bigger players unexpectedly dropping out of action. The Nuclear exploit kit operations started dwindling in May, Angler disappeared around the same time Russia’s Federal Security Service made nearly 50 arrests last June, and then in September Neutrino reportedly went private and sh
Publish At:2016-12-29 13:35 | Read:4586 | Comments:0 | Tags:Exploits Malware Vulnerabilities exploit kit steganography S

Stegano campaign exposed millions netizens via attack code in pixels of ads banners

Stegano campaign – Millions of people visiting major websites may have been infected with malicious code that was embedded in pixels of the ads banners. A single pixel could be used to compromise your PC, millions of people visiting major websites over the past months may have been infected with malicious code that was embedded in pixels of the ads ban
Publish At:2016-12-07 15:45 | Read:2971 | Comments:0 | Tags:Breaking News Cyber Crime Malware cybercrme exploit kit Hack

CryptoLuck Ransomware spread through the RIG-E Exploit Kit

CryptoLuck ransomware is a new strain of malware discovered by the researcher Kafeine, that is being distributed via the RIG-E exploit kit. The notorious researcher Kafeine has spotted a new strain of ransomware dubbed CryptoLuck. The malware leverages DLL hijacking and exploits the legitimate GoogleUpdate.exe executable to infect computers. The ransomware a
Publish At:2016-11-17 16:40 | Read:3393 | Comments:0 | Tags:Breaking News Malware CryptoLuck ransomware Cybercrime explo

CryptoLuck Ransomware Infects Victims Using Signed GoogleUpdate.exe

A new ransomware called “CryptoLuck” is infecting victims via a legitimate, code-signed program from Google known as “GoogleUpdate.exe.” Security researcher Kafeine spotted the RIG-E (Empire) exploit kit distributing CryptoLuck via malvertising. It’s not the first time they’ve detected an exploit kit campaign distributing r
Publish At:2016-11-16 20:25 | Read:2926 | Comments:0 | Tags:Latest Security News CryptoLuck Exploit Kit Google ransomwar

Bizarro Sundown Exploit Kit Distributing Locky Ransomware via ShadowGate

The Bizarro Sundown exploit kit is spreading two versions of Locky ransomware via the still-active ShadowGate malvertising campaign. In October, Trend Micro spotted two versions of Bizarro Sundown, a modification of the earlier Sundown exploit kit which rose to prominence with RIG following Neutrino’s demise. The first iteration reared its ugly head at t
Publish At:2016-11-04 20:25 | Read:3229 | Comments:0 | Tags:Latest Security News Bizarro Sundown Exploit Kit Malvertisin

RIG Exploit Kit the Final Destination of HookAds Malvertising Campaign

The HookAds malvertising campaign redirects users to a landing page for the RIG exploit kit that comes prepackaged with all types of baddies. HookAds, which got its name from a string found by Malwarebytes researchers in the delivery URL, works as follows. A malvertising chain redirects visitors to adult websites that sometimes generate millions of views a mon
Publish At:2016-11-02 13:25 | Read:2968 | Comments:0 | Tags:Latest Security News Exploit Kit Flash Malvertising RIG expl

RIG Exploit Kit Begins Distributing CrypMic Ransomware After ShadowGate Takedown

On June 7, 2016, the Angler exploit kit all of a sudden disappeared. It’s unclear exactly what led to Angler’s demise, but all reports indicate the exploit kit shut down after Russian authorities arrested 50 members of a hacker group that developed Lurk malware along with Angler. So, what did the exploit kit world do in response? It did what it al
Publish At:2016-09-22 19:30 | Read:4318 | Comments:0 | Tags:Cyber Security Featured Articles Angler botnet Exploit Kit N

