Results for "domain shadowing"
April 29, 2015 - A particular case merges domain shadowing, a popular technique used by the Angler exploit kit, with malvertising, making it a perfect combination for cyber criminals.
September 27, 2016 - In the battle of exploit kits, RIG EK has earned some extra mileage by being leveraged in a high profile malvertising attack on popular website answers.com. The same domain shadowing campaigns that were popular in the Angler era are continuing with RIG now.
November 19, 2019 - With even more exploit kits in town, the drive-by download landscape shows continued activity in fall 2019.
August 2, 2019 - In this blog, we take a look at a new exploit kit distributed via malvertising that calls itself Lord EK.
August 31, 2017 - Researcher Chris Boyd gave a talk at BSides Manchester on the subject of malvertising, and we have the full thing in video format for you to watch.
July 5, 2017 - Several large malvertising campaigns went unnoticed amidst the news of the latest ransomware outbreak.
July 26, 2016 - We've covered the Neutrino and Magnitude exploit kits. Now we take a look at number #3, RIG EK and the different distribution paths using packet captures collected by our honeypot. The campaigns for distribution involve malvertising and compromised sites (much like all other EKs) but there is a notable diversity in how many different ways RIG EK is being loaded and the type of payloads it is serving.
July 4, 2016 - The last high profile malvertising activity we had seen was on June 7th with a drive-by download incident on Yahoo that used Neutrino EK instead of Angler EK. This was rather unusual and was later confirmed as not just an anomaly, by the switch of exploit campaigns to Neutrino, precisely around that same time frame. Attacks have been scarce since then, but we just spotted the same group, confirming it is still somewhat in business.
April 4, 2016 - A compilation of notable security news and blog posts from March 27 to April 02.
March 29, 2016 - Fraudsters game the ad industry system again to push malicious code.