We have found an interesting discrepancy in how the Angler exploit kit targets Adobe Flash. The Angler exploit kit is known for its use of various Adobe Flash Player exploits. Reports have indicated that Angler has started targeting CVE-2015-0359, a vulnerability that was fixed in Adobe’s April 2015 update. CVE-2015-0359 is a race condition vulnerability that occurs because ByteArray::Write is…
Read MoreUnpatched versions of Microsoft’s Internet Information Services (IIS) web server are vulnerable to a remote denial of service attack that can prove to be very threatening if set against critical systems. The vulnerability, which was fixed by Microsoft in MS15-034 as part of the April 2015 Patch Tuesday cycle, can trigger the blue screen of death or more commonly known as…
Read MoreAn 18-year-old vulnerability called Redirect to SMB has been resurrected with a new attack vector. This vulnerability can be used to redirect a victim to a malicious Server Message Block (SMB) server, without any direct action from the user except visiting a website. If the SMB security policy is not secure enough, the SMB client will try to make an authenticated…
Read MoreWith additional analysis from David Agni Improvements in security file scanners are causing malware authors to deviate from the traditional malware installation routine. It’s no longer enough for malware to rely on dropping copies of themselves to a location specified in the malware code and using persistence tactics like setting up an autostart feature to…
Read MoreExploits kits have long been used to deliver threats to users, but they seem to have gone retro: it was recently being used to deliver fake antivirus malware. We closely monitor exploit kit activity because of their widespread use (we discussed their use in malvertising recently), so it was no great surprise to see the Fiesta…
Read More