New Adobe Flash Exploit Found in Angler, Fiesta EKs
Two notorious exploit kits are already seeding vulnerable websites with exploits for a Flash Player vulnerability that was patched in last week’s Adobe security bulletin. French researcher Kafeine told Threatpost that the most likely scenario is that a skilled coder found a way to reverse-enginee...
Second jQuery Hack of Week Reported
Update: A day after a compromise of the jQuery website was disclosed, the open source JavaScript library is dealing with a second attack. JQuery Foundation board member Ralph Whitbeck confirmed via email to Threatpost that a new compromise was under way and the organization was taking steps to...
jQuery Official Website Compromised To Serve Malware
The official website of the popular cross-platform JavaScript library jQuery (jquery.com) has been compromised and is redirecting its visitors to a third-party website hosting the RIG exploit kit, in order to distribute information-stealing malware. JQuery is a free and open source JavaScript library...
jQuery.com Hacked, Redirecting to RIG Exploit Kit
Owners of websites built using the jQuery library are being warned of an attack against the toolkit’s website which is redirecting visitors to a third-party site hosting the RIG exploit kit. JQuery is a free and open source JavaScript library used for a number of things, including building AJAX...
Malicious Google DoubleClick Advertisements Distributed Malware to Millions of Computers
Cyber criminals have exploited the power of two online advertising networks, Google's DoubleClick and the popular Zedo advertising agency, to deliver malicious advertisements to millions of internet users that could install malware on a user's computer. A recent report published by the researcher of...
Archie Exploit Kit Spotted Leveraging Adobe, Silverlight Vulnerabilities
A relatively new exploit kit that borrows modules copied from the Metasploit Framework and exploits any older versions of Adobe Flash, Reader, and Silverlight the user may be using has begun to make the rounds. Jaime Blasco, the director of AlienVault Labs, dug deeper into the kit, known as Archie, on...
Israeli Think Tank Compromised to Serve Sweet Orange Exploit Kit
The official website of a prominent Israel-based, Middle East foreign policy-focused think tank, the Jerusalem Center for Public Affairs (JCPA), has been compromised and abused by attackers to distribute malware. The Israeli think tank website JCPA – an independent research institute focusing on...
Israeli Think-Tank Site Serves Sweet Orange Exploit
Attackers have compromised the website of a prominent Israel-based, Middle East foreign policy-focused think tank, the Jerusalem Center for Public Affairs (JCPA). On Friday, researchers from Cyphort reported that the site was serving the Sweet Orange exploit kit via drive-by download. At the time o...
Malicious Advertisements Found on Java.com, Other High-Profile Sites
AppNexus, a New York-based online ad network company that provides a platform specializing in real-time online advertising, has again been spotted as the origin of a recent "malvertising" campaign that makes use of the Angler Exploit Kit to redirect visitors to malicious websites hosting the Aspr...
Java.com, TMZ Serving Malvertising Redirects to Angler Kit
Online ad network AppNexus has again been identified at the core of another malvertising campaign using the Angler Exploit Kit to redirect visitors to sites hosting the Asprox malware. Busy, popular websites including TMZ, Photobucket and Java.com in recent days have been serving malicious...
Koler Android Ransomware Infrastructure Complex and Agile
While the Koler ransomware may be a simplistic money-generating malware scam, the infrastructure standing up its campaigns is anything but. Researchers at Kaspersky Lab published a report today that not only explained details of how the attackers—possibly the group behind the Reveton...
Critroni - File Encrypting Ransomware out in the Wild
A new ransomware from the Crypto-Ransomware family has been detected by a security researcher; it has been sold in various underground forums for the last month and was recently included in the Angler exploit kit. The latest ransomware, given the name “Critroni”, includes a number of odd...
Critroni Crypto Ransomware Seen Using Tor for Command and Control
There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen...
RIG Exploit Kit Website Redirection
A website redirection vulnerability has been reported in PHP. A remote attacker can exploit this vulnerability to infect users with the RIG exploit kit...
LightsOut/Hello Exploit Kit (CVE-2013-2465)
LightsOut/Hello is an exploit kit that operates by delivering a malicious payload to the victim's computer. Remote attackers can infect users by enticing them to visit a malicious web page. Successful infection will allow the attacker to download additional malware to the target...
Fiesta Exploit Kit Redirection
Fiesta is an exploit kit used by attackers targeting computer users. Remote attackers can infect users with Fiesta by enticing them to visit a malicious landing page...
ICS Malware Found on Vendors' Update Installers
Malware targeting industrial control systems has infected the update installers belonging to three known industrial control vendors, according to an advisory from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The Havex remote access Trojan (RAT) is targeting vendors via...
AskMen Purportedly Compromised by Nuclear Pack Kit
Users who visit AskMen.com, a men’s entertainment and lifestyle portal, are being hit with malicious code, potentially stemming from the Nuclear Pack exploit kit, researchers announced today. When a user stumbles across the site – or a localized version of it (aus.askmen.com, etc.) – malicious code...
Infinity Exploit Kit Landing Page (CVE-2013-1347; CVE-2013-2423; CVE-2013-2465; CVE-2014-0322; CVE-2014-0502; CVE-2014-1776)
Infinity is a web exploit kit that operates by delivering a malicious payload to the victim's computer. Remote attackers can infect users with the Infinity exploit kit by enticing them to visit a malicious web page. The Infinity Exploit Kit installs payloads on the infected computer, which could result in da...
RIG Exploit Kit Pushing Cryptowall Ransomware
With Cryptolocker quite possibly on its way to becoming yesterday’s ransomware news after the successful takedown of part of its distribution infrastructure, alternatives are already available. Cryptowall is the latest to grab some attention and traction on victimized computers. Cisco reported on...