Exploit kits: winter 2019 review
We review the top exploit kits in this winter 2019 snapshot.
Exploit kits: Winter 2017 review
We take a look at the current exploit kit scene (Winter 2017) according to our telemetry and honeypots.
A week in security (Jan 01 – Jan 07)
A compilation of notable security news and blog posts from the 1st of January to the 7th. This week, we touched on the Sundown exploit kit with a surprising payload and a fake technical support page that wreaked havoc on Mac systems.
Exploit kits: Fall 2016 review
In this post, we review the changes in the exploit kit landscape over the past months by looking at new arrivals and departures.
A week in security (Oct 16 – Oct 22)
A compilation of notable security news and blog posts from the 16th of October to the 22nd. This week, we reported on a Facebook hoax, a noteworthy DDoS attack, ransomware, and exploit kit campaigns. We also made several company announcements.
Yet another Sundown EK variant? (updated)
The Sundown exploit kit is keeping us busy by switching from one variant to the next. This latest one was clearly inspired by the original source code, and we take the time to explore it a little bit more.
New-looking Sundown EK drops Smoke Loader, Kronos banker
In this post we take a quick glance at some changes made to the Sundown exploit kit. The landing page has been tweaked and uses various obfuscation techniques. Sundown is used in some smaller campaigns and in this particular case dropped a downloader followed by a banking Trojan.
Malvertising campaign delivers two exploit kits, same payload
In this malvertising campaign, both RIG EK and Sundown EK are used to deliver the same threat, an indication that the actor behind it is either testing or maximizing infection rates.
A look at the Angler-less exploit kit scene
For those tracking exploit kits, the disappearance of the Angler exploit kit last week was a major event. While a lot of questions remain, several clues indicated that this was no ordinary break, and that something deeper was likely going on. After about ten days without Angler EK, we take a look at the exploit kit landscape.