Channel: Noise » exploit kit
Browsing all 18 articles

Krebs on Security: A Month Without Adobe Flash Player

I've spent the better part of the last month running a little experiment to see how much I would miss Adobe's buggy and insecure Flash Player software if I removed it from my systems altogether. Turns...




SANS Internet Storm Center, InfoCON: green: Another example of Angler exploit...

Introduction Angler exploit kit (EK) has been evolving quite a bit lately. Recently, this EK has been altering its URL patterns on a near-daily basis. The changes accumulate, and you might not recognize...


SANS Internet Storm Center, InfoCON: green: BizCN gate actor changes from...

Introduction An actor using gates registered through BizCN recently switched from Fiesta to Nuclear exploit kit (EK). This happened around last month, and we first noticed the change on 2015-06-15. I...


SANS Internet Storm Center, InfoCON: green: Detecting Random – Finding...

Most normal user traffic communicates via a hostname and not an IP address. So looking at traffic communicating directly by IP with no associated DNS request is a good thing to do. Some attackers use...


Krebs on Security: Adobe To Fix Another Hacking Team Zero-Day

For the second time in a week, Adobe Systems Inc. says it plans to fix a zero-day vulnerability in its Flash Player software that came to light after hackers broke into and posted online hundreds of...



Krebs on Security: The Darkode Cybercrime Forum, Up Close

By now, many of you loyal KrebsOnSecurity readers have seen stories in the mainstream press about the coordinated global law enforcement takedown of Darkode[dot]me, an English-language cybercrime forum...


SANS Internet Storm Center, InfoCON: green: After Flash, what will exploit...

Introduction Adobe has received some bad publicity regarding zero-day Flash player exploits due to the recent Hacking Team compromise [1,2]. This certainly isn't the first time Adobe has had such...


SANS Internet Storm Center, InfoCON: green: Angler’s best friends, (Mon, Jul...

Nope, not the kind of angler whose best friends are rubber boots, strings tied into flies, or a tape measure that starts with 5 inches where others have a zero. This is about the Angler Exploit Kit,...



SANS Internet Storm Center, InfoCON: green: Nuclear EK traffic patterns in...

Introduction About two weeks ago, Nuclear exploit kit (EK) changed its URL patterns. Now it looks a bit like Angler EK. Kafeine originally announced the change on 2015-07-21 [1], and we collected...



SANS Internet Storm Center, InfoCON: green: Actor using Angler exploit kit...

Introduction I've often had a hard time finding compromised websites to kick off an infection chain for the Neutrino exploit kit (EK). During the past few months, we've usually seen Angler EK, Nuclear EK,...


SANS Internet Storm Center, InfoCON: green: A recent decline in traffic...

Introduction According to a 2014 report by ESET, Windigo is the code name for an ongoing operation that started as early as 2011 [1]. As noted in the report, legitimate traffic to servers compromised...


SANS Internet Storm Center, InfoCON: green: Actor that tried Neutrino exploit...

Introduction Last week, we saw the group behind a significant amount of Angler exploit kit (EK) switch to Neutrino EK [1]. We didn't know if the change was permanent, and I also noted that criminal...


SANS Internet Storm Center, InfoCON: green: What’s the situation this week...

Introduction Last month in mid-August 2015, an actor using Angler exploit kit (EK) switched to Neutrino EK [1]. A few days later, we found that actor using Angler again [2]. This week, we're back to...



SANS Internet Storm Center, InfoCON: green: Recent trends in Nuclear Exploit...

Introduction Since mid-September 2015, I've generated a great deal of Nuclear exploit kit (EK) traffic after checking compromised websites. This summer, I usually found Angler EK. Now I'm seeing more...


SANS Internet Storm Center, InfoCON: green: BizCN gate actor update, (Fri,...

Introduction The actor using gates registered through BizCN (always with privacy protection) continues using the Nuclear exploit kit (EK) to deliver malware. My previous diary on this actor documented...



SANS Internet Storm Center, InfoCON: green: Cyber Security Awareness Month:...

This cartoon by John Klossner really hit a nerve with many security professionals. It nicely illustrates how many of us see the futility of our jobs: We can buy all the greatest and latest equipment, but...


SANS Internet Storm Center, InfoCON: green: Exploit kit roundup: Less Angler,...

Introduction Earlier this month, Cisco's Talos team published an in-depth report on the Angler exploit kit (EK) [1]. The report also documented Cisco's coordination with hosting providers to shut down...



SANS Internet Storm Center, InfoCON: green: Compromised Magento sites led to...

Introduction Earlier this week, various blogs began reporting about compromised Magento-based e-commerce websites. These compromised sites kicked off infection chains for Neutrino exploit kit (EK). I've...
