A (somewhat) complete timeline of Talos’ history
A lot has happened in Talos' 10 years of existence. And to celebrate our birthday, we wanted to look back on some of the major moments in Talos history. Here's an overview of some of the major events, cyber attacks, research breakthroughs and more that truly make Talos Talos. We hope this walk down...
Picking Up Where Neutrino Left Off: RIG Pushing CrypMIC Ransomware
When an exploit kit fades away, it usually doesn’t take long for another to take its place in the limelight, especially when the kit is an integral part of the ransomware ecosystem. That’s exactly what’s happened over the past few weeks as researchers say they’ve seen an uptick in RIG Exploit Kit...
Lurk Criminal Gang Also Behind Angler Exploit Kit
The June arrest of a Russian cybercrime gang responsible for the Lurk Trojan also put to rest the infamous Angler Exploit Kit. Researchers at Kaspersky Lab today published a detailed report on the Lurk takedown, confirming at the same time the connection between the Lurk gang and Angler. Activity...
The Changing Face of Pseudo-Darkleech
The pseudo-Darkleech campaign is one of the most notorious and ongoing attacks of recent years, making use of major exploit kits to deliver primarily different strains of ransomware. The campaign has been a bit of chameleon since it was disclosed in March 2015 by researchers at Sucuri. The latest...
On the Rise of Ransomware, Bitcoin Phishing, and Exploit Kits
Mike Mimoso and Chris Brook recap the news of the week, including a Bitcoin phishing campaign, the Kaspersky Lab ransomware report, misconfigured email servers, and a decline in Angler exploit kit traffic. Download: ThreatpostNewsWrapJune242016.mp3 Music by Chris Gonsalves...
Nuclear, Angler Exploit Kit Activity Has Disappeared
Criminal hackers are fickle about their attack vectors. You need to look no further for evidence of this than their constant migration from one exploit kit to another. And while there is an expansive menu of exploit kits, attackers do seem to congregate around a precious few. Researchers who stud...
CryptXXX Jumps From Angler to Neutrino Exploit Kit
Crooks behind the revamped CryptXXX 3.100 ransomware have switched its distribution from the Angler Exploit Kit to the Neutrino Exploit Kit. The sudden change in distribution was spotted on Monday by researchers at the SANS Internet Storm Center. “This is not the first time we’ve seen campaigns...
Angler Exploit Kit Evading EMET
We recently encountered some exploits from Angler Exploit Kit (EK) that are completely evading Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). This is something we are seeing for the first time in the wild, and we only observed it affecting systems running Windows 7. Angler EK uses complex...
Updated CryptXXX Ransomware Big Money Potential
CryptXXX ransomware has received a major overhaul by its authors, putting it on the fast track to unseat Locky as top moneymaker for criminals. Researchers at Proofpoint said that on May 26, cybercriminals released an updated CryptXXX 3.100 version of the ransomware that includes a new StillerX...
New Decryptor Unlocks CryptXXX Ransomware
When exploit kits, in particular Angler, spread ransomware infections, people get nervous. The latest strain to appear in the virulent Angler kit is CryptXXX, which researchers at Proofpoint and Fox IT tied to the same group dropping old-school Reveton ransomware and Bedep click-fraud malware...
Malvertising Campaign Lands On Top Websites
Big-name websites were hit with a cunning malvertising campaign over the weekend that attempted to sneak TeslaCrypt ransomware on computers vulnerable to the potent Angler Exploit Kit. Top sites running the malicious ads included The New York Times owned NYTimes.com, Answers.com and AOL.com,...
Angler Exploit Learns New Tricks, Finds Home On Popular Website
Researchers report Angler Exploit Kit attacks have become more brazen and are now targeting top websites with new tricks that can evade browser-based antimalware protection. Karl Sigler, a SpiderLabs researcher at Trustwave, told Threatpost his lab found the Angler Exploit Kit on a popular websit...
Angler Exploit Kit Attacks Silverlight Vulnerability
Exploits for a vulnerability in Microsoft Silverlight have found their way into the dangerous Angler Exploit Kit a little more than a month after it was patched. French security researcher Kafeine said he was able to get independent confirmation from researchers at Kaspersky Lab that the exploit...
Here's How to Decrypt Hydracrypt & Umbrecrypt Ransomware Files
Over the last few years, we have seen several types of Ransomware malware that demand a whopping amount of money from users for the retrieval of their locked, compromised sensitive files. We have also witnessed the birth of decryption solution for some of the Ransomware like Cryptolocker partial,...
Angler Exploit Kit Redirection
Angler Exploit Kit operates by delivering a malicious payload to the victim's computer. Successful exploitation could result in remote code execution on the target system once the malicious page is loaded...
Hackers Install Free SSL Certs from Let's Encrypt On Malicious Web Sites
Who else didn't see this coming? It was so obvious as I stressed earlier that the Let's Encrypt free HTTPS certificates would not just help legitimate website operators to encrypt its users' traffic, but also help criminals to bother innocent users with malware through secure sites. Let's Encrypt...
Angler EK latest CVE-2015-8446 Flash Exploit analysis-exploit warning-the black bar safety net
Background description In 1 2 on Adobe mad patch 7 of 8 vulnerability after a week, the abroad security researcher kafeine (@kafeine) broke the Angler Exploit Kit started using this month to patch the CVE-2015-8446 vulnerability to attack. Our first time to follow up on the vulnerability of the...
Cybercrime News Results In Cybercrime Blues
INTRODUCTION FireEye Labs recently spotted a 2011 article on cybercrime from the news site theguardian.com that redirects users to the Angler Exploit Kit. Successful exploitation by Angler resulted in a malware infection for readers of the article. A spokesperson for the guardian.com responded th...