Researchers at Proofpoint discovered a massive AdGholas Malvertising Campaign infecting as many as 1 million computers per day with several banking trojans. A new massive AdGholas malvertising network discovered by experts at Proofpoint has been infecting as many as 1 million computers per day with several banking trojans. AdGholas operators have been active since 2015, the threat […]
The recently patched CVE-2017-0022 Windows Zero-Day vulnerability has been exploited by threat actors behind the AdGholas malvertising campaign and Neutrino EK since July 2016. Microsoft has fixed several security flaws with the March 2017 Patch Tuesday updates. According to security experts at Trend Micro, the list of fixed vulnerabilities includes three flaws that had been exploited […]
Cerber 4.0 is the latest variant of the Cerber ransomware family that is becoming even more common in the malvertising campaign in the wild. Another variant of the notorious Cerber ransomware, the Cerber 4.0, appeared in the wild delivered by several exploit kits, including RIG, Neutrino, and Magnitude EKs. According to the experts from Trend Micro, the Cerber 4.0 first appeared in October […]
Operators behind the Afraidgate campaign continue to leverage on Neutrino EK, but switches from CryptXXX to Locky Ransomware. According to the experts from Palo Alto Networks, one of the most long-lived hacking campaigns leveraging on the Neutrino EK switches from CryptXXX to the Locky Ransomware. The campaign dubbed Afraidgate due to the name of the gate domains (using name servers from […]
A large number of business websites have been compromised by the SoakSoak gang to deliver ransomware. Security experts from Invincea firm have discovered that a large number of websites were recruited by the SoakSoak botnet to deliver CryptXXX malware. The list of compromised sites is long and includes the tourism website for Guatemala and the do-it-yourself project […]
Operators behind the Neutrino EK have added the code to exploit an Internet Explorer flaw that  was recently patched with the release of the MS16-053. Operators behind the infamous Neutrino EK have recently added the code to exploit an Internet Explorer vulnerability that was patched with the release of the MS16-053 security bulletin. The MS16-053 bulletin patched […]