Tag: exploit kit

  • VB2019 paper: Finding drive-by rookies using an automated active observation platform

    Exploit kits made a bit of a comeback in 2019, something we have also seen in our test lab. Detecting these kits isn’t trivial though, given the various anti-analysis measures built into them, from geo-restricting to specific countries or regions, to the detection of client-side sandboxes. In a last-minute paper presented at VB2019 in…

  • Virus Bulletin researcher discovers new Lord exploit kit

    The number of active exploit kits is very small: the recently published summer 2019 edition of Malwarebytes’ quarterly round-up lists the seven then known active exploit kits. To that, a potential eighth has now been added, thanks to Virus Bulletin researcher Adrian Luca. During his work on the VBWeb tests for web security products,…

  • Latest Virus Bulletin report shows the difference web security products make

    Extremely targeted attacks aside, when a user gets infected through the web, it means something has happened that should not have. Either the user clicked on a link they shouldn’t have clicked on, or they were browsing the web using unpatched software. Unfortunately, in both large and small organisations, these things happen a lot. And…

  • VB2018 paper: From drive-by download to drive-by mining: understanding the new paradigm

    When it comes to web-based threats, Malwarebytes researcher Jérôme Segura is one of the people to follow. His quarterly reviews of the exploit kit landscape are an essential read for anyone who follows this type of threat. In his latest review, Jérôme writes about a slight reversal of an important shift seen in the past…

  • VB2016 paper: Uncovering the secrets of malvertising

    In his VB2014 paper, Bromium researcher Vadim Kotov sketched the possibilities for malicious actors to use web ads to spread exploit kits. Unsurprisingly, malicious actors also spotted those possibilities, and the advertisement ecosystem has become such a big attack surface that many security experts advise the running of ad-blockers to enhance security. Today, we…

  • Paper: The journey and evolution of God Mode in 2016: CVE-2016-0189

    While avoiding the use of Flash is good advice for helping to fend off exploit kits, some of the vulnerabilities exploited by these kits actually target the browsers themselves. An important example of this is CVE-2016-0189, which affects Microsoft’s Internet Explorer browser versions 9 through 11. First discovered in the wild in targeted attacks…