Exploit This

Security News, Exploits, and Vulnerabilities.

InPage zero-day exploit used to attack financial institutions in Asia

In September 2016, while researching a new wave of attacks, we found an interesting target which appeared to constantly receive spearphishes, a practice we commonly describe as a “magnet of threats”. Among all the attacks received by this magnet of threats, which included various older Office exploits such as CVE-2012-0158, one of them attracted our attention.

IT threat evolution Q3 2016. Statistics

The most popular mobile Trojan in the third quarter of 2016 was Trojan-Banker.AndroidOS.Svpeng.q. During the quarter, the number of users attacked by it grew almost eightfold.

IT threat evolution Q3 2016

Trojan-Ransom.AndroidOS.Fusob.h remained the most popular mobile Trojan-Ransomware in the third quarter, accounting for nearly 53% of users attacked by mobile ransomware.

Threat intelligence report for the telecommunications industry

The telecoms sector is under fire on all sides – hit by direct attacks on organizations and networks, indirect attacks in search of subscribers, and collateral damage from unrelated, targeted campaigns. This report reveals the many layers of vulnerability.

The Equation Giveaway

Rare implementation of RC5/RC6 in ‘ShadowBrokers’ dump connects them to Equation malware August 13, 2016 saw the beginning of a truly bizarre episode. A new identity going under the name ‘ShadowBrokers’ came onto the scene claiming to possess files belonging… Read Full Article

Conference Report: HITCON 2016 in Taipei

Hacks in Taiwan Conference (HITCON) 2016 was held on 22 – 23 July 2016 in Taipei, Taiwan. The theme of HITCON Community this year is “Security or Nothing”, focusing on hacking techniques and information security. About 1,500 participants attended to… Read Full Article

IT threat evolution in Q2 2016. Statistics

In the second quarter of 2016, Kaspersky Lab’s web antivirus detected 16,119,489 unique malicious objects: scripts, exploits, executable files, etc. 54,539,948 unique URLs were recognized as malicious by web antivirus components.

IT threat evolution in Q2 2016. Overview

Bankers and encryptors, ransomware and spyware, old and new exploits; APT attacks, ATM infection, spear phishing and fraud targeting large numbers of users – cybercriminals continue their hunt for money and information

Blackhat USA 2016

This year’s Blackhat USA briefings were held at the spacious Mandalay Bay, bringing speakers from all over the world to deliver mostly technical cyber-security talks. A number of our researchers were there attending talks and participating in the parallel IOActive and BSides events

Operation Daybreak

Kaspersky Lab discovers CVE-2016-4171 used in limited targeted attacks to compromise high profile victims.

%d bloggers like this: