dcsimg

Exploit kits: fall 2018 review

Exploit kit (EK) activity continues to surprise us as the weather cools, the leaves change, and we move into the fall of 2018. Indeed, shortly after our summer review, a new exploit kit was discovered, and while no new vulnerabilities were added to the current EKs, several malvertising chains are still going strong. Smoke Loader, Ramnit, and AZORult are some of the most common payloads we’ve … [Read more...]

Seamless campaign serves RIG EK via Punycode (updated)

Update (2017-12-05): We noted some malvertising chains using a new domain name (newadultthem[.]info) also hosted on the same IP address as the Punycode one. – – The Seamless campaign is one of the most prolific malvertising chains pushing the RIG exploit kit and almost exclusively delivering the Ramnit Trojan. Identification of Seamless is typically easy, due to its use of static … [Read more...]