Lucene search
K

111 matches found

ThreatPost
ThreatPost
added 2019/08/01 3:13 p.m.53 views

Brand-New SystemBC Proxy Malware Spotted Using SOCKS5 for Stealth

A previously undocumented proxy malware, dubbed “SystemBC,” is upping the stealth game by using SOCKS5 to evade detection. It’s being distributed by the Fallout and RIG exploit kits EKs, according to researchers. Proofpoint researchers said on Thursday that in the most recently tracked example, t...

0.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/07/31 8:43 p.m.69 views

Malvertising Campaigns Skirt Ad Blockers, Serve Up Mac Malware

Two fresh malvertising campaigns are making the scene that are abusing the convoluted underpinnings of the internet economy to find malware victims. One is a large-scale exploit kit EK campaign designed to circumvent traditional safeguards, such as ad blockers, and the other uses web redirects to...

7AI score
Exploits0References5
Malwarebytes
Malwarebytes
added 2019/05/14 3:57 p.m.635 views

Exploit kits: spring 2019 review

Exploit kit activity remains fairly unchanged since our last winter review in terms of active distribution campaigns. But this spring edition will feature a new exploit kit and another atypical EK, in that it specifically goes after routers. The main driver behind these drive-by download attacks...

10CVSS9.3AI score0.89618EPSS
Exploits40
Malwarebytes
Malwarebytes
added 2019/02/12 4:0 p.m.783 views

Exploit kits: winter 2019 review

Active malvertising campaigns in December and the new year have kept exploit kit activity from hibernating in winter 2019. We mostly observed Fallout and RIG with the occasional, limited GrandSoft appearance for wider geo-targeting. In addition, narrowly-focused exploit kits such as Magnitude,...

10CVSS9.6AI score0.89618EPSS
Exploits40
Malwarebytes
Malwarebytes
added 2019/01/21 4:48 p.m.244 views

A week in security (January 14 – 20)

Last week on the Malwarebytes Labs blog, we took a look at how the government shutdown is influencing cybersecurity jobs, Advanced Persistent Threats group APT10, the comeback of Fallout EK, the hosting of malicious sites on legitimate servers, and the Collection 1 data breach. Other cybersecurit...

4.6CVSS8.2AI score0.04679EPSS
Exploits2
ThreatPost
ThreatPost
added 2019/01/18 7:58 p.m.154 views

Fallout EK Retools for a Fresh New 2019 Look

A new version of the Fallout exploit kit EK has emerged, featuring new exploits and fresh payloads, including the GandCrab ransomware. The development shows that EKs have a lot of life yet left in them, researchers say. The Fallout EK generally finds its victims by way of malvertising campaigns,...

10CVSS9.8AI score0.81971EPSS
Exploits13References5
Malwarebytes
Malwarebytes
added 2019/01/17 7:51 p.m.291 views

Improved Fallout EK comes back after short hiatus

Edit 2019-01-24 Fallout EK introduces a new dropper to facilitate the final payload retrieval. This update replaces the plain MZ we saw for a little while. -- After a short hiatus in early January, the Fallout exploit kit is back in business again with some new features for the new year. During i...

10CVSS0.2AI score0.81971EPSS
Exploits13
Malwarebytes
Malwarebytes
added 2018/10/24 4:10 p.m.926 views

Exploit kits: fall 2018 review

Exploit kit EK activity continues to surprise us as the weather cools, the leaves change, and we move into the fall of 2018. Indeed, shortly after our summer review, a new exploit kit was discovered, and while no new vulnerabilities were added to the current EKs, several malvertising chains are...

7.6CVSS9.1AI score0.89618EPSS
Exploits28
FireEye
FireEye
added 2018/09/06 11:0 a.m.2267 views

Fallout Exploit Kit Used in Malvertising Campaign to Deliver GandCrab Ransomware

Towards the end of August 2018, FireEye identified a new exploit kit EK that was being served up as part of a malvertising campaign affecting users in Japan, Korea, the Middle East, Southern Europe, and other countries in the Asia Pacific region. The first instance of the campaign was observed on...

7.6CVSS1AI score0.87639EPSS
Exploits9
Malwarebytes
Malwarebytes
added 2018/08/07 3:0 p.m.1696 views

Exploit kits: summer 2018 review

The uptick trend in cybercriminals using exploit kits that we first noticed in our spring 2018 report has continued into the summer. Indeed, not only have new kits been found, but older ones are still showing signs of life. This has made the summer quarter one of the busiest we've seen for exploi...

7.6CVSS9AI score0.89618EPSS
Exploits28
Malwarebytes
Malwarebytes
added 2018/07/16 5:0 p.m.1531 views

Magniber ransomware improves, expands within Asia

This blog post was authored by @hasherezade and Jérôme Segura. The Magnitude exploit kit is one of the longest-serving browser exploitation toolkits among those still in use. After its inception in 2013, it enjoyed worldwide distribution with a liking for ransomware. Eventually, it became a priva...

7.6CVSS8.7AI score0.89618EPSS
Exploits28
Check Point Advisories
Check Point Advisories
added 2018/06/25 12:0 a.m.44 views

Joomla Ek Rishta Component SQL Injection (CVE-2018-12254)

An SQL injection vulnerability exists in Joomla Ek Rishta 2.10. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

6.5CVSS4.8AI score0.02616EPSS
Exploits5
0day.today
0day.today
added 2018/06/15 12:0 a.m.54 views

Joomla Ek rishta 2.10 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Title: SQL Injection Joomla Component Ek rishta 2.10 - SQL Injection Exploit Author: Guilherme Assmann Vendor Homepage:https://www.joomla.org/ Version: 2.10 Tested on: MacOSX, Safari, Chrome Download:...

0.2AI score0.02616EPSS
Exploits5
exploitpack
exploitpack
added 2018/06/14 12:0 a.m.37 views

Joomla Component Ek Rishta 2.10 - SQL Injection

Joomla Component Ek Rishta 2.10 - SQL Injection Title: SQL Injection Joomla Component Ek rishta 2.10 - SQL Injection Date: 2018-06-14 Exploit Author: Guilherme Assmann Vendor Homepage:https://www.joomla.org/ Version: 2.10 Tested on: MacOSX, Safari, Chrome Download:...

6.5CVSS0.3AI score0.02616EPSS
Exploits5
CNVD
CNVD
added 2018/06/14 12:0 a.m.8 views

Harmis Ek rishta SQL Injection Vulnerability in Joomla!

Joomla! is an open source content management system CMS developed by the Open Source Matters team in the U.S. The system provides RSS feeds, site search, etc. Harmis Ek rishta aka ek-rishta is used in one of the wedding dating site plugin. A SQL injection vulnerability exists in the router.php fi...

8.8CVSS8AI score0.02616EPSS
Exploits5References1
Packet Storm
Packet Storm
added 2018/06/14 12:0 a.m.40 views

Joomla Ek Rishta 2.10 SQL Injection

Title: SQL Injection Joomla Component Ek rishta 2.10 - SQL Injection Date: 2018-06-14 Exploit Author: Guilherme Assmann Vendor Homepage:https://www.joomla.org/ Version: 2.10 Tested on: MacOSX, Safari, Chrome Download: https://extensions.joomla.org/extension/ek-rishta/ CVE: CVE-2018-12254...

0.3AI score0.02616EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/06/14 12:0 a.m.62 views

Joomla! Component Ek Rishta 2.10 - SQL Injection

Title: SQL Injection Joomla Component Ek rishta 2.10 - SQL Injection Date: 2018-06-14 Exploit Author: Guilherme Assmann Vendor Homepage:https://www.joomla.org/ Version: 2.10 Tested on: MacOSX, Safari, Chrome Download: https://extensions.joomla.org/extension/ek-rishta/ CVE: CVE-2018-12254...

8.8CVSS8.8AI score0.02616EPSS
Exploits5
Malwarebytes
Malwarebytes
added 2018/06/12 7:4 p.m.662 views

Exploit kits: Spring 2018 review

Since our last report on exploit kits, there have been some new developments with the wider adoption of the February Flash zero-day, as well as the inclusion of a new exploit for Internet Explorer. We have not seen that many changes in the drive-by landscape for a long time, although these are th...

7.6CVSS9.4AI score0.93165EPSS
Exploits38
NVD
NVD
added 2018/06/12 5:29 p.m.26 views

CVE-2018-12254

router.php in the Harmis Ek rishta aka ek-rishta 2.10 component for Joomla! allows SQL Injection via the PATHINFO to a home/requesteduser/Sent%20interest/ URI...

8.8CVSS9AI score0.02616EPSS
Exploits5References2
OSV
OSV
added 2018/06/12 5:29 p.m.4 views

CVE-2018-12254

router.php in the Harmis Ek rishta aka ek-rishta 2.10 component for Joomla! allows SQL Injection via the PATHINFO to a home/requesteduser/Sent%20interest/ URI...

8.8CVSS5.8AI score0.02616EPSS
Exploits5References2
Rows per page
Query Builder