The SSL malvertising campaign we documented in August that affected Yahoo.com, MSN.com and several other top sites is still ongoing. This…
Tag: exploit
In mid August, the actors behind some of the recent malvertising campaigns we documented on this blog before started to come out with several new…
Earlier this month, an adware installer was found to be taking advantage of the DYLD_PRINT_TO_FILE vulnerability in OS X.Now Malwarebytes researcher…
Today, we’re excited to be launching our thought leadership series entitled “Marcin’s Soundbytes.”You’ll see me interview some of the savviest professionals…
Update 08/14: The campaign has moved to another advertiser (AOL) and new Azure domain:Malvertising URL: imp.bid.ace.advertising.com/{redacted}pmcpmprice=0.545/{redacted}dref=http://www.ebay.com/sch/i.html?_nkw=jazzy+wheelchair+battery&_pgn=3&_skc=100&rt=nc First redirection (Azure website):v5tr34-a09.azurewebsites.net/?=a09vv5vtrkp Second…
A recently patched Internet Explorer vulnerability (CVE-2015-2419) has already made its way into the top exploit kit on the market, Angler…
The HackingTeam data leak was a treasure trove for threat actors. As we documented on this blog, it didn’t take long…
Last month, Stefan Esser blogged about a zero-day vulnerability in OS X, without having informed Apple about the problem first. Unfortunately, today has…
Some of the great places to exchange and participate in online communities are made possible by web forums.However, they may not always be…
It’s always interesting to identify the source of an infection, especially when it comes to exploit kits.Beyond identifying the various parties…