Disdain EK

A new exploit kit (EK) named “Disdain” has been observed in the wild. The EK targets Windows vulnerabilities. Initially the presence of this EK was found in underground forums as an ad and was brought to light on twitter by @CryptoInsane. The EK can be rented for as low as 80$. Disdain claims to exploit … Continue reading “Disdain EK”

Sundown Exploit Kit Attacking Microsoft Edge Browser

The Sundown Exploit Kit that first came to light in mid 2016, appears to be under aggressive development. The exploit-kit is actively attacking the Edge Browser from Microsoft shipped with Windows 10. Specifically, the exploit-kit is targeting CVE-2016-7200 and CVE-2016-7201 which Microsoft fixed with update MS16-129, released on Patch Tuesday in the month of November. The vulnerability … Continue reading “Sundown Exploit Kit Attacking Microsoft Edge Browser”

Sundown Exploit Kit and The EITEST Campaign

Abstract: After the vanishing of Angler and Neutrino Exploit kits (EK), the underground cyber world of EK was left with only one major player with Rig EK. Pseudo-Darkleech and EITEST, the two most popular website compromise campaigns, both redirected their victims to Rig EK. However, a few days back, our systems recently detected a major … Continue reading “Sundown Exploit Kit and The EITEST Campaign”

Neutrino Exploit Kit and CVE-2016-4117

Exploit Kits are swiftly taking advantage of Adobe Flash vulnerabilities. Four days after Adobe released the Flash player update 21.0.0.242, exploit kits quickly added the Flash exploit into their “Lunch package”. This blog is about how we identified  CVE-2016-4117 in the Neutrino Exploit Kit and the process of how we extracted the multiple layers of … Continue reading “Neutrino Exploit Kit and CVE-2016-4117”