2016-05-21 - Exploit-Kit – Exploit Integration

CVE-2016-4117 (Flash up to 21.0.0.213) and Exploit Kits

Blog - page 2 Discovered being exploited in the wild by FireEye [1] on May 8, 2016, patched 4 days later with Flash 21.0.0.242, CVE-2016-4117 is making its way to Exploit Kits. Read More ›

2016-05-15 - Social Engineering – Kit

U-Admin (Universal Admin): A Phishing(Web&Android)/Grabber/ATS/Token kit

Blog - page 2 A multi-purpose Kit advertised underground since 2015-11-16 Read More ›

2016-04-14 - Botnet – Deception

Bedep has raised its game vs Bot Zombies

Blog - page 2 Bedep could be described as a fileless loader with a resident module that can optionally perform AdFraud. It's intimate to Angler EK and appeared around August 2014. Read More ›

2016-04-08 - Exploit-Kit – Exploit Integration

CVE-2016-1019 (Flash up to 21.0.0.182/187) and Exploit Kits

Blog - page 2 Spotted in a “degraded” version on the 2016-04-02 in Magnitude, live also since 2016-03-31 in Nuclear Pack Read More ›

2016-03-26 - Exploit-Kit – Exploit Integration

CVE-2016-1001 (Flash up to 20.0.0.306) and Exploit Kits

Blog - page 2 Two weeks after Flash patch, two months after last Flash exploit integration in Angler, on the 2016-03-25 Angler EK, in some threads, is starting to send an exploit to Flash Player 20.0.0.270 and 20.0.0.306 Read More ›

2016-02-22 - Exploit-Kit – Exploit Integration

CVE-2016-0034 (Silverlight up to 5.1.41105.0) and Exploit Kits

Blog - page 2 Fixed with the January 2016 Microsoft patches, CVE-2016-0034 ( MS16-006 ) is a Silverlight Memory Corruption vulnerability and it has been spotted by Kaspersky with rules to hunt Vitaliy Toropov’s unknown Silverlight exploit mentioned in HackingTeam leak. Read More ›

2016-02-10 - Ransomware – Archeology

Cryptowall son of Borracho (Flimrans) ?

Blog - page 2 Lately I received multiple questions about connection between Reveton and Cryptowall. I decided to have a look. Read More ›

2016-01-25 - Exploit Kit – Exploit Integration

CVE-2015-8651 (Flash up to 20.0.0.228/235) and Exploit Kits

Blog - page 2 Angler has just integrated CVE-2015-8651 patched with Flash 20.0.0.270 on 2015-12-28 Read More ›

2015-12-21 - Exploit-Kit – Connect the dots

XXX is Angler EK

Blog - page 2 As I got many questions about an EK named XXX (that is said to be better than Angler ;) ) I decided to share some data here. Read More ›

2015-12-15 - Exploit-Kit – Exploit Integration

CVE-2015-8446 (Flash up to 19.0.0.245) And Exploit Kits

Blog - page 2 One week after patch Flash 19.0.0.245 is being exploited by Angler EK via CVE-2015-8446 Read More ›