Is your browser secure and private enough by design or do you need to worry about security, privacy, fingerprinting, ads, and cookies yourself?
This post covers the information disclosure bugs in Internet Explorer and Edge that we sometimes refer to as ‘fingerprinting’. We review past flaws as well as a currently unpatched one used in the wild before exploring some long-term mitigations.
The last high-profile malvertising activity we had seen was on June 7th, with a drive-by download incident on Yahoo that used Neutrino EK instead of Angler EK. This was rather unusual, and was later confirmed as not just an anomaly by the switch of exploit campaigns to Neutrino precisely around that same time frame. Attacks have been scarce since then, but we just spotted the same group, confirming it is still somewhat in business.
Since the disappearance of Angler EK, exploit kit activity has been at one of its lowest levels in a long time. The focus is therefore on Neutrino EK, which has somewhat picked up the pieces, although at a much lower rate. In this post we look at a change recently noticed with the Flash exploit Neutrino uses, which now includes fingerprinting of the user’s machine.
Threat actors refine a malvertising campaign leading to Magnitude EK.
A white paper collaboration between Malwarebytes and GeoEdge on the latest malvertising techniques.