413 matches found
New Injection Campaign Peddling Rogue Software Downloads
A mass injection campaign has surfaced over the last two weeks that’s already compromised at least 40,000 web pages worldwide and is tricking victims into downloading rogue, unwanted software to their computer. The campaign, dubbed GWload by researchers at Websense, relies on a Cost Per Action sc...
BlackHole Toolkit v2 JAVA Payload Stage Code Execution (CVE-2012-0507; CVE-2012-1723; CVE-2013-0422; CVE-2013-0431; CVE-2013-1493)
BlackHole is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with BlackHole by enticing them to visit a malicious web page. Successful infection will allow the attacker to download additional malware to the target...
BlackHole Toolkit v2 Landing Page Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
BlackHole Toolkit v2 Adobe Reader Payload Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
BlackHole Toolkit v2 EXE Payload Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
BlackHole Toolkit v2 Flash Player Payload Stage Code Execution
Blackhole is a web exploit kit that operates by delivering malicious payload to the victim's computer...
Blackhole Exploit Kit author Paunch arrested
An out-of-the-blue tweet from a Dutch researcher kicked off an unprecedented 24-hour rumor mill yesterday concerning the arrest of Paunch, a hacker allegedly behind the notorious Blackhole Exploit Kit. The arrest, finally confirmed today by the head of the European Cybercrime Centre EC3, is likel...
Paunch, the author of Blackhole Exploit kit arrested in Russia
According to a Security Analyst 'Maarten Boone' working at Fox-IT company, the Developer of notorious Blackhole Exploit Kit developer 'Paunch' and his partners were arrested in Russia recently. Blackhole Exploit Kit which is responsible for the majority of web attacks today, is a crimeware that...
Paunch, the author of Blackhole Exploit kit arrested in Russia
According to a Security Analyst 'Maarten Boone' working at Fox-IT company, the Developer of notorious Blackhole Exploit Kit developer 'Paunch' and his partners were arrested in Russia recently. Blackhole Exploit Kit which is responsible for the majority of web attacks today, is a crimeware that...
Shylock/Caphaw Banking Malware Infections on the Rise
Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. Malware researchers have noticed a ri...
Email Spam Claims US Attacks Syria and Leads to Malware
A new phishing campaign is disseminating malicious links with emails purporting to come from CNN saying that the United States has initiated military strikes against the embattled regime of Syrian President Bashar al Assad. One such email, obtained by Kaspersky Lab and posted on Securelist, comes...
Malvertising Campaign Redirects to Blackhole Exploit Kit
Online ad networks have proven efficient tools in spreading malware to a large number of sites simultaneously. Attackers who manage to spike an ad distribution service can potentially have millions of eyeballs on a malicious ad for a fraction of the cost it would take to buy or build spam lists,...
Many Flash, Java Users Running Older, Vulnerable Versions
It’s long been known that Java and Flash are favored targets of attackers, thanks to their huge install bases and numerous security issues. And the users who are targeted by these attacks aren’t doing themselves any favors either, as new research shows that 19 percent of business users are runnin...
Warning : Java 6 vulnerable to zero-day exploit; added to Neutrino exploit kit
Hackers are using a new exploit for a bug in the out-of-date but popular Java 6 platform to attack victims, and has been added to a commercially available Neutrino exploit kit. The use of Java 6 still is prevalent, opening up a significant number of users to the threat. F-secure analyst Timo...
Another Java 6 Vulnerability Found in the Wild
Unless you have an Oracle product that requires Java 6 or are paying for support for that version of the platform, you’d seen the last publicly available updates as of February. That doesn’t mean attackers have pushed back from targeting Java 6, and that certainly doesn’t mean that organizations...
Counter.php Redirecting to Sites Peddling Styx Exploit Kit
The Counter.php strain of malware has been spotted in the past redirecting users to a handful of malicious sites and now appears to be leveraging that ability to send victims to websites serving up the Styx exploit kit. According to a post on Securelist today, Vincente Diaz, a researcher with...
New Botnet Campaign 'Fort Disco' Brute-Forcing Thousands of WordPress, Joomla Websites
Password theft has been a growing problem within the security community. Researchers at Arbor Networks have uncovered a botnet called Fort Disco that was used to compromise more than 6000 websites based on popular CMSs such as WordPress, Joomla and Datalife Engine. The Fort Disco botnet is...
New Botnet Campaign 'Fort Disco' Brute-Forcing Thousands of WordPress, Joomla Websites
Password theft has been a growing problem within the security community. Researchers at Arbor Networks have uncovered a botnet called Fort Disco that was used to compromise more than 6000 websites based on popular CMSs such as WordPress, Joomla and Datalife Engine. The Fort Disco botnet is...
Royal Baby Spam Campaign Leads to Black Hole-Infected Site
Everyone loves babies, especially magical royal ones who are destined to pull a sword from a stone. As it turns out, the baby admiring demographic also includes spammers, who are using the current frenzy over the birth of Prince William and Duchess Kate’s baby boy to direct victims to a site...
Google Adds Phishing, Malware Info to Transparency Report
Google divulged new statistics today about its Safe Browsing program, a service it uses to flag websites it suspects of peddling malware and phishing. According to the numbers, most of the “unsafe website” warnings it pushes to users on Google Search and in browsers, stem from malware and not...