Update 08/14: The campaign has moved to another advertiser (AOL) and new Azure domain: Malvertising URL: imp.bid.ace.advertising.com/{redacted}pmcpmprice=0.545/{redacted}dref=http://www.ebay.com/sch/i.html?_nkw=jazzy+wheelchair+battery&_pgn=3&_skc=100&rt=nc First redirection (Azure website)…
Tag: exploit
Recent Internet Explorer Vulnerability Exploited in The Wild
A recently patched Internet Explorer vulnerability (CVE-2015-2419) has already made its way into the top exploit kit on the market, Angler…
Chinese Actors Copy and Paste HackingTeam Zero-Days in Site Hack
The HackingTeam data leak was a treasure trove for threat actors. As we documented on this blog, it didn’t take long…
DYLD_PRINT_TO_FILE exploit found in the wild
Last month, Stefan Esser blogged about a zero-day vulnerability in OS X, without having informed Apple about the problem first. Unfortunately, today has…
USA TODAY Fantasy Sports Discussion Forum Serves Malware
Some of the great places to exchange and participate in online communities are made possible by web forums. However, they may not always…
Advert Strikes Out Via Copycat Gaming Site
It’s always interesting to identify the source of an infection, especially when it comes to exploit kits. Beyond identifying the various…
Ukrainian Media Site RBC[dot]UA Drops CryptoWall Ransomware
Popular news site rbc[dot]ua is currently hacked and infecting its visitors via the RIG exploit kit. The majority of the traffic to…
Revisiting The Bunitu Trojan
This post describes the infection process of the latest version of the Bunitu Proxy Trojan as seen delivered by the Neutrino…
PSA: Flash Zero-Day Now Active in The Wild
Update (07/08/15): Adobe has released a fix with version 18.0.0.203. Please update ASAP. The Neutrino exploit kit is using a Flash zero-day which…
New Malwarebytes Anti-Exploit Version Is Out!
We have just released Malwarebytes Anti-Exploit 1.07. This latest version brings in some new features, improvements and bug fixes. Malwarebytes Anti-Exploit uses…