They say imitation is the sincerest form of flattery. Take the case of CrypMIC—detected by Trend Micro as RANSOM_CRYPMIC—a new ransomware family that mimics CryptXXX in terms of entry point, ransom notes and payment site UIs. CrypMIC’s perpetrators are possibly looking for a quick buck owing to the recent success of CryptXXX.Read More
Early this year, we reported that in 2015, Angler came out as the top exploit kit, having contributed 59.5% in the total exploit kit activity for the year. Now, there’s barely any pulse left.
After the arrest of 50 people accused of using malware to steal US$25 million, it is interesting to note that Angler basically stopped functioning. With Angler’s reported inactivity, it appears that cybercriminals are scrambling to find new exploit kits to deliver malware. Angler had been the exploit kit of choice because it was the most aggressive in terms of including new exploits and it was able to apply a lot of antivirus evasion techniques such as payload encryption and fileless infection.Read More
The second Tuesday of the month has arrived which means the arrival of regularly scheduled patches from Microsoft and other vendors. This month’s release includes sixteen bulletins from Microsoft, as well as an update from Adobe for their PDF-related application. A separate update for Flash Player will arrive later this week.Read More
ImageMagick is a popular software suite that is used to display, convert, and edit images. On May 3, security researchers publicly disclosed multiple vulnerabilities in the open-source image processing tool in this suite, one of which could potentially allow remote attackers to take over websites.Read More
In the first part of this series of blog posts, we discussed what new developments and changes in the exploit kit landscape were seen in 2015. In this post, we look at the scale of the exploit kit problem – how many users were affected, which exploit kits are popular, and where are the users coming from?Read More