Lucene search
K

111 matches found

ICS
ICS
added 2017/12/05 12:0 a.m.61 views

Siemens Industrial Products (Update B)

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01A Siemens Industrial Products that w...

8.7CVSS7.3AI score0.03315EPSS
Exploits0References40
Malwarebytes
Malwarebytes
added 2017/11/13 8:47 p.m.60 views

A week in security (November 6 – November 12)

After coming out victorious in a case against PUPs, Malwarebytes CEO Marcin Kleczynski has this to say: We fought for our users and we won. -- Marcin Kleczynski @mkleczynski November 9, 2017 And my, do we feel like champions! You can read more about this here. Last week, we looked into the...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/06 6:30 p.m.28 views

Magnitude EK actor goes for Bitcoin multiplier scam (updated)

It is well known that hot commodities tend to attract scammers and online criminals. The continuous rise of Bitcoin over the past year valued at over USD $7,188 at the time of writing is generating frenzy amongst fans of cryptocurrencies as well as those watching from the sidelines. While the...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2017/10/21 10:0 a.m.103 views

New Magniber Ransomware Targets South Korea, Asia Pacific

Researchers identified a new ransomware family called Magniber that uniquely targets only users in South Korea and the Asia-Pacific regions. The ransomware is primarily being distributed by the Magnitude exploit kit, a primary distribution vehicle in the past for Cerber ransomware. Because of...

7.6CVSS8AI score0.93165EPSS
Exploits10References2
FireEye
FireEye
added 2017/08/22 2:0 p.m.45 views

Hiking Club Malvertisements Drop Monero Miners Via Neptune Exploit Kit

Exploit kit EK activity has been on the decline ever since Angler Exploit Kit was shut down in 2016. Fewer people using Internet Explorer and a drop in browser support for Adobe Flash – two primary targets of many exploit kits – have also contributed to this decline. Additionally, some popular...

9.3CVSS9AI score0.94996EPSS
Exploits50References15
FireEye
FireEye
added 2017/08/22 10:0 a.m.234 views

Hiking Club Malvertisements Drop Monero Miners Via Neptune Exploit Kit

Exploit kit EK activity has been on the decline ever since Angler Exploit Kit was shut down in 2016. Fewer people using Internet Explorer and a drop in browser support for Adobe Flash – two primary targets of many exploit kits – have also contributed to this decline. Additionally, some popular...

9.3CVSS9AI score0.94996EPSS
Exploits50
Malwarebytes
Malwarebytes
added 2017/08/09 3:54 p.m.41 views

Cerber ransomware delivered in format of a different order of Magnitude

As a follow up to our study into the Magnitude exploit kit and its gate which we profiled in a previous blog post, we take a look at an interesting technique used to distribute the Cerber ransomware. Exploit kits are a very effective means of serving malicious payloads and an important aspect is...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/19 9:25 p.m.44 views

Terror EK actor experiments with URL shortener fraud

Terror EK is an exploit kit made from a mishmash of stolen code and with very limited distribution. In the past few months, we have seen a few minor updates to its code base which remains largely simplistic in comparison to professional-grade exploit kits of the past such as Angler EK, or...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/06 7:6 p.m.58 views

Report: Second quarter dominated by ransomware outbreaks

The second quarter of 2017 brought ransomware to unprecedented levels with worldwide outbreaks that went almost out of control. In scenarios reminiscent of yesteryears worms, WannaCry created global panic as it used a critical vulnerability in the SMBv1 protocol to propagate like wildfire. Within...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/05/24 12:0 a.m.6 views

Google Android MediaTek Thermal Driver elevation of privilege vulnerability (CNVD-2017-07436)

Google Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA.MediaTek is a MediaTek component used in one of MediaTek's devices. An elevation of privilege vulnerability exists in Google Android. An attacker can exploit this...

7.6CVSS7.9AI score0.00783EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/05/19 2:22 p.m.49 views

Terror Exploit Kit Evolves Into Larger Threat

The relatively new Terror exploit kit is bucking the downward trend in the EK market, and is steadily evolving into more of a threat. Researchers at Cisco Talos said Terror has abandoned an early strategy that included “carpet-bombing” a target’s browser to one that now uses exploits that precise...

9.3CVSS8.1AI score0.74096EPSS
Exploits9References4
Talos Blog
Talos Blog
added 2017/05/18 11:27 a.m.52 views

Terror Evolved: Exploit Kit Matures

This post is authored by Holger Unterbrink and Emmanuel Tacheau Executive SummaryTalos is monitoring the major Exploit KitsEK on an ongoing basis. While investigating the changes we recently observed in the RIG EK campaigns, we identified another well known candidate: Terror Exploit Kit.Terror EK...

7.8AI score
Exploits0
ICS
ICS
added 2017/05/09 12:0 a.m.48 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update F)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

7.1CVSS6.7AI score0.01149EPSS
Exploits0References71
myhack58
myhack58
added 2017/04/17 12:0 a.m.278 views

Nebula exploit package CVE-2016-0189 exploit analysis-exploit warning-the black bar safety net

1. Introduction In recent years, exploit kitsEK/Exploit Kitmarket amidst the winds of change。 2016 early June, once rampant in the Angler EK disappeared, the Neutrino EK quickly filled the void. Then just less than 3 months time, the Neutrino EK and go for the underground, the RIG EK and then...

7.6CVSS7.6AI score0.93165EPSS
Exploits10
FireEye
FireEye
added 2017/03/15 12:48 p.m.8 views

Still Getting Served: A Look at Recent Malvertising Campaigns Involving Exploit Kits

Malvertising occurs when an online advertising network knowingly or unknowingly serves up malicious advertisements on a website. Malvertisements are a type of “drive-by” threat that tend to result in users being infected with malware for simply visiting a website. The victims of this threat are...

6.6AI score
Exploits0References8
FireEye
FireEye
added 2017/03/15 8:48 a.m.52 views

Still Getting Served: A Look at Recent Malvertising Campaigns Involving Exploit Kits

Malvertising occurs when an online advertising network knowingly or unknowingly serves up malicious advertisements on a website. Malvertisements are a type of “drive-by” threat that tend to result in users being infected with malware for simply visiting a website. The victims of this threat are...

6.6AI score
Exploits0
FireEye
FireEye
added 2017/03/15 8:48 a.m.18 views

Still Getting Served: A Look at Recent Malvertising Campaigns Involving Exploit Kits

Malvertising occurs when an online advertising network knowingly or unknowingly serves up malicious advertisements on a website. Malvertisements are a type of “drive-by” threat that tend to result in users being infected with malware for simply visiting a website. The victims of this threat are...

6.6AI score
Exploits0
myhack58
myhack58
added 2016/09/13 12:0 a.m.20 views

Sundown EK: vulnerability to use the tool in copying the masters-vulnerability warning-the black bar safety net

! Description Sundown is currently on the market the latest exploit tool, and the Sundown of the author also successfully proved himself is actually a plagiarism masters. Don't know this“borrow chickens lay eggs”thing was after exposure, and the user will buy his single? Recently, due to the Angl...

0.4AI score
Exploits0
FireEye
FireEye
added 2016/07/14 8:37 p.m.258 views

Exploit Kits Quickly Adopt Exploit Thanks to Open Source Release

A security researcher recently published source code for a working exploit for CVE-2016-0189 and the Neutrino Exploit Kit EK quickly adopted it. CVE-2016-0189 was originally exploited as a zero-day vulnerability in targeted attacks in Asia. The vulnerability resides within scripting engines in...

10CVSS9.6AI score0.94996EPSS
Exploits55References3
FireEye
FireEye
added 2016/07/14 4:37 p.m.654 views

Exploit Kits Quickly Adopt Exploit Thanks to Open Source Release

A security researcher recently published source code for a working exploit for CVE-2016-0189 and the Neutrino Exploit Kit EK quickly adopted it. CVE-2016-0189 was originally exploited as a zero-day vulnerability in targeted attacks in Asia. The vulnerability resides within scripting engines in...

10CVSS9.6AI score0.94996EPSS
Exploits55
Rows per page
Query Builder