On Tuesday, Microsoft released a security update for Silverlight (MS16-109). Silverlight vulnerabilities are always one of the attacker’s favorite targets because most of them allow remote code execution. In this blog, I will explain what the vulnerability is about and the exploit indicators. Patch Diff and Root Cause: Patch diff is a very common way … Continue reading “Microsoft Silverlight Vulnerability CVE-2016-3367 Analysis”
Author: Ses Wang
One Flash To Rule Them All
Many exploit kits take advantage of Adobe’s flash vulnerabilities to exploit victims. Every company uses an anti-virus software product to defend this type of attack. Because of the complexity of exploit kits and Adobe’s action script language, anti-virus applications could be completely blinded. In this article we will craft an old flash exploit to bypass … Continue reading “One Flash To Rule Them All”
Conquer The Rig Exploit Kit
Conquer The Rig Exploit Kit After the Angler Exploit Kit became less prevalent, the RIG exploit kit quickly took its place to become one of the most “popular” exploit kits in the underground. This blog is a complete analysis of technologies used in the Rig exploit kit. The Landing Page: All exploit kits … Continue reading “Conquer The Rig Exploit Kit”
KAIXIN Exploit Kit Update
KaiXin exploit kit (EK) was first identified in August 2012 by Kahu Security. We believe this exploit kit is written by a Chinese hacker. The word KaiXin means “Happy” In Chinese. Here is the latest research for this exploit kit. Targeted Operating System: The KaiXin exploit kit is actively targeting Windows XP, Windows Vista, … Continue reading “KAIXIN Exploit Kit Update”
Neutrino Exploit Kit and CVE-2016-4117
Exploit Kits are swiftly taking advantage of Adobe Flash vulnerabilities. Four days after Adobe released the Flash player update 21.0.0.242, exploit kits quickly added the Flash exploit into their “Lunch package”. This blog is about how we identified CVE-2016-4117 in the Neutrino Exploit Kit and the process of how we extracted the multiple layers of … Continue reading “Neutrino Exploit Kit and CVE-2016-4117”
Analysis of RIG Exploit Kit weaponizing CVE-2016-0034
Exploit kit authors often update the capabilities of their exploit kits by adding support for new vulnerabilities so that they can compromise and install malware or ransomware on even more machines. As part of the ThreatPROTECT research team, I analyze exploit kits to keep track of the latest vulnerabilities being incorporated into them. Back in February, I analyzed the … Continue reading “Analysis of RIG Exploit Kit weaponizing CVE-2016-0034”