exploit kit


This Global Healthcare Threat Telemetry report examines the threat landscape of the global healthcare industry in Q4 2016. It is based on threat telemetry obtained by FortiGuard Labs’ research group from sensors at 454 healthcare companies in 50 countries around the globe. FortiGuard Labs, with its more than 200 researchers and analysts located around the world, logs over 400,000 hours of threat research every year by monitoring and analyzing threat telemetry gathered from over two million sensors. The resulting threat intelligence...
by Gavin Chow  |  Feb 21, 2017  |  Filed in: Security Research
Malware-as-a-Service (MaaS) business models continue to thrive in the cyber underground. They have allowed cyber crooks to generate renewable income by renting out malware rather than selling their tools for a one-time payment. As a result, the business model has been adopted for various underground commodities such as exploit kits and remote access trojans. Recently, we saw the emergence of Ransomware-as-a-Service (RaaS) platforms. During our monitoring, we discovered that this same business model is also being used in phishing schemes in the form...
by Roland Dela Paz and Rommel Joven  |  Aug 31, 2016  |  Filed in: Security Research
RIG Exploit Kit was upgraded to v3.0 a while back. While RIG EK was never as active as other exploit kits such as Angler or Nuclear, it is one of the more 'stable' EKs in terms of its near-constant presence on the Internet. We will talk about a recent RIG EK sample. Here is the landing page information captured by our automated system in FortiGuard Labs. Type: Exploit Kit; Name: RIG.Exploit.Kit; Attack ID: 52114; Referrer...
by Tim Lau  |  Sep 30, 2015  |  Filed in: Industry Trends & News
At around 5AM PST today, our automatic website scanning system began to detect malicious content being served from a top 10 global website. This lasted until around 8:30AM PST when, presumably, the website's operators disabled the malicious content. Upon analysis, it appears that malware is being served through the website's advertisement network. What's technically interesting about this case is that the malware (an 'exploit kit') is being pushed through AJAX. This is something that was previously done only on a small scale...
by Tim Lau  |  Jun 22, 2015  |  Filed in: Industry Trends & News