IE Information Disclosure 0-day used in Malvertising campaigns and Neutrino EK

Introduction: The success of an exploit kit depends on many parameters infecting effective targets, avoiding honeypots, sandboxes and researchers who are always on the lookout for new exploit kits and expose it to world. An exploit kit that is stealthy will have a longer life time and gains more reputation. This is reflected in an EK’s capability … Continue reading “IE Information Disclosure 0-day used in Malvertising campaigns and Neutrino EK”

Neutrino Exploit Kit and CVE-2016-4117

Exploit Kits are swiftly taking advantage of Adobe Flash vulnerabilities. Four days after Adobe released the Flash player update 21.0.0.242, exploit kits quickly added the Flash exploit into their “Lunch package”. This blog is about how we identified  CVE-2016-4117 in the Neutrino Exploit Kit and the process of how we extracted the multiple layers of … Continue reading “Neutrino Exploit Kit and CVE-2016-4117”