Search

Attackers are leveraging a newly discovered exploit kit in an international malvertising campaign that's been observed delivering GandCrab ransomware and the SmokeLoader malicious downloader, as well as engaging victims in social engineering scams. Nicknamed Fallout, the kit exploits a remote co...

Although there's been a drop in the activity of exploit kits (EK), threat actors have adapted by redirecting unwitting victims to exploit kit servers, according to a post on the Symantec blog.As outlined by Siddhesh Chandrayan, an associate threat analysis engineer at Symantec, with the shutdown of ...

The Sundown Exploit Kit (EK) has been caught thieving other thieves' property.Often considered to be of little interest by those on the frontline, Sundown's developers have started to get their act together.  Researchers at Trustwave detailed the EK's practice of stealing other kits' exploits a...

House legislators approved a bill Thursday prohibiting access to pornography on federal government computers. The law, called The Eliminating Pornography from Agencies Act, or H.R. 901, accompanies a government reform package sponsored by Rep. Gary Palmer (R-Alabama).The reform package passed w...

Researchers at Check Point are taking credit for knocking the Nuclear Exploit Kit out of use, saying the EK's usage has dropped to almost zero since the security company released a pair of reports that revealed its weaknesses.However, Craig Young computer security researcher for Tripwire, while conf...

Noting that the Nuclear exploit kit (EK) has been operating “largely off the radar” of late compared to its other more prolific peers, Cisco Talos Threat Researcher Nick Biasini wrote in a Wednesday blog post that the EK “has been successfully targeting and compromising users in more than 10,00...

An ongoing malvertising attack that has been injecting malware into WordPress sites has now switched its malicious payload from a Nuclear exploit kit (EK) to an Angler EK.Researcher Jerome Segura said a Wednesday Malwarebytes blog post that the payload switch occurred around Feb. 4 and that the camp...

Tech support scams often involve malvertising attacks using common exploit kits like Angler EK or Nuclear EK, but scammers can also lure victims through less complex exploits. For example, researchers at Malwarebytes noticed a scam using a malvertising campaign delivered from a few lines of code.Whi...

Threat actors are using a fake CloudFlare DDoS (distributed denial-of-service) check page as a Nuclear exploit kit (EK) gate to load a malicious redirection that ultimately triggers the EK, Malwarebytes Security Researcher Jerome Segura said in a blog post.“Upon further check, the ser...

Researchers at Malwarebytes spotted a unique malvertising attack targeting Comcast customers that also included an exploit kit (EK), a phishing-like page and a tech support scam.The malicious ad was displayed on Comcast's Xfinity search page via Google AdWords and was disguised as an ad that compare...