Cryptowall Ransomware Spreading Rapidly through Malicious Advertisements

Ransomware is an emerging threat in the evolution of cybercriminals techniques to part you from your money. Typically, the malicious software either lock victim’s computer system or encrypt the documents and files on it, in order to extort money from the victims. Though earlier we saw the samples...

Netflix Users Targeted by Microsoft Silverlight Exploits

Netflix, the world’s largest Internet Video Subscription service with more than 35.7 million customers in U.S alone, that runs on the Microsoft Silverlight platform, has now become a popular target for cybercriminals, as public awareness of Java and Flash flaws is increasing. Silverlight is a...

Malvertising Redirecting to Angler EK, Silverlight Exploits

The fact that Netflix accounts for one-third of Internet traffic during peak evening hours, and that it runs on the Microsoft Silverlight platform, is just too tempting a combination for hackers to pass up. For the second time in six months, criminal hacker groups are zeroing in on Silverlight...

Device-Locking Ransomware Moves to Android

UPDATE–Ransomware has been wreaking havoc on desktops for many years now, with attackers demanding that victims pay a fee to unlock the infected system. This kind of malware hasn’t been a huge issue yet on mobile devices, but that’s beginning to change, albeit slowly. A new piece of mobile malwar...

g01pack Exploit Kit Remote Code Execution

g01pack exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with g01pack exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to download additional malware t...

BlackHole Toolkit URL Pattern Remote Code Execution

BlackHole is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with BlackHole by enticing them to visit a specially crafted link...

Energy Watering Hole Attack Used LightsOut Exploit Kit

A recent watering-hole attack targeted firms in the energy sector using a compromised site belonging to a law firm that works with energy companies and led victims to a separate site that used the LightsOut exploit kit to compromise their machines. The attack, which was active during late Februar...

Joomla Fixes Critical SQL Injection Vulnerability

The open-source content management framework Joomla pushed out version 3.2.3 of its product last week, fixing a SQL injection zero-day vulnerability that could have let attackers steal information from databases or insert code into sites running the CMS. While little is being disclosed by Joomla,...

Neutrino Exploit Kit Landing Page Code Execution

Neutrino is an exploit kit that operates by delivering malicious payload to a victim's computer. Remote attackers can infect users with Neutrino by enticing them to visit a malicious landing page...

Caphaw Banking Malware Distributed via YouTube Ads

More than one billion of unique visitor spend about 6 billion hours on YouTube to watch videos, according to monthly YouTube Stats. Security researchers from Bromium Labs recently found that YouTube advertising network has been abused by rogue advertisers to distribute malware. YouTube In-Stream...

DailyMotion Still Serving FakeAV Malware Scam

More than three weeks after notifying video-sharing site DailyMotion that it was compromised, security company Invincea reports the popular website is still infected. A spokesperson told Threatpost that Invincea’s original notification was not acknowledged and the company suspects this is a...

Blackhole Exploit Kit Successor Years Away

It should shock no one that a viable successor to the Blackhole exploit kit has yet to emerge in the criminal underground. It’s been less than three months since the arrest of its alleged creator Paunch sent cybercriminals reliant on the toolkit scrambling for a replacement. And like any profitab...

DailyMotion Hosting Malvertising Leading to Fake AV Attack

Video-sharing site DailyMotion, one of the most popular destinations on the Web, is in the throes of an attack where it is serving malicious ads redirecting users to a fake AV scam. Security firm Invincea reported the issue to the website, and as of 4 p.m. ET, DailyMotion was still serving the fa...

Yahoo Removes Ads Redirecting to Magnitude Exploit Kit

The race to replace the Blackhole Exploit Kit as the web exploit pack of choice for cybercriminals seems to have an early leader in Magnitude. Researchers at Dutch security firm Fox-IT reported over the weekend that European visitors to Yahoo were falling victim to malicious ads hosted on the sit...

Yahoo Ad Network abused to redirect users to malicious websites serving Magnitude Exploit Kit

Internet advertisement networks provide hackers with an effective venue for targeting wide range computers through malicious advertisements. Previously it was reported by some security researchers that Yahoo's online advertising Network is one of the top ad networks were being abused to spread...

Dennis Fisher and Mike Mimoso Discuss the NSA, Blackhole Exploit Kit

Dennis Fisher and Mike Mimoso discuss the happenings in the security world of late, including the latest NSA revelations, the odd DGA Changer malware and the response of attackers to the death of Blackhole...

Chewbacca Tor-Based Malware Steals Keystrokes

The Tor network may provide a lead-lined cover for Internet users seeking a measure of privacy online, but it also has proven to be an attractive shelter for attackers. A number of malware campaigns have been able to successfully maneuver on Tor, using the anonymity network as a communication...

'Paunch', Blackhole exploit kit creator and Gang arrested in Russia

None...

Blackhole and Cool Exploit Kits Nearly Extinct

When authorities in Russia arrested Paunch, the alleged creator of the Blackhole exploit kit, last month, security researchers and watchers of the malware underground predicted that taking him off the board would put a dent in the use of Blackhole and force its customers onto other platforms. Six...

Exploit Kit Adds Vector for Silverlight Vulnerability

Developers behind the Angler Exploit Kit have apparently added a new exploit over the last week that leverages a known vulnerability in Microsoft’s Silverlight browser framework. Silverlight, similar to Adobe Flash, is Microsoft’s plug-in for streaming media on browsers and is perhaps most known...