Microsoft said a Windows SMB zero day, which has a public proof-of-concept exploit available, is low risk and won’t be patched until an upcoming Patch Tuesday.
Tag Archives: SANS Internet Storm Center
Nuclear, Angler Exploit Kit Activity Has Disappeared
Researchers who study exploit kits are reporting that two major kits, Angler and Nuclear, may no longer be available.
Persistent EITest Malware Campaign Jumps from Angler to Neutrino
The tenacious EITest malware campaign is being refueled by the fact it is shifting from the Angler exploit kit to the Neutrino exploit kit.
Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware
An attacker working off domains belonging to Chinese registrar BizCN has been moving the Cryptowall 4.0 ransomware via the Nuclear Exploit Kit.
WordPress Compromises Behind Spike in Neutrino EK Traffic
A rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic
Uptick in Neutrino Exploit Kit Traffic Doesn’t Mean Angler Reign Over
A SANS ISC report indicates a prominent cybercrime group has begun using the Neutrino Exploit Kit, but that hardly spells the end of the road for the notorious Angler EK.
Evasion Techniques Keep Angler EK’s Cryptowall Business Thriving
The SANS Internet Storm Center reports that the Angler Exploit Kit, pushing Cryptowall 3.0 ransomware, uses rapidly changing URL patterns—almost daily changes—to evade detection and rake in profits.
Cryptowall 3.0 Infections Spike from Angler EK, Malicious Spam Campaigns
SANS Institute reports that Cryptowall 3.0 ransomware infections emanating from the Angler Exploit Kit are on the rise, and coincide with a spike from malicious spam campaigns.