Security firm FireEye has detected that malware authors have deployed the PROPagate code injection technique for the first time inside a live malware distribution campaign.
An Internet Explorer zero-day vulnerability that came to light last month has now been incorporated in the RIG exploit kit, a web-based toolkit that malware authors use to infect a site's visitors with malware.
The exploit kit landscape has continued the downfall that started in the summer of 2016, and its leading player, the RIG exploit kit, has stopped delivering any ransomware strains in 2018, focusing now on spreading cryptocurrency miners (coinminers) and information-stealing trojans (infostealers).
The Matrix Ransomware has started to be distributed through the RIG exploit kit. This article will provide information on what vulnerabilities are being targeted and how to protect yourself.
On July 7, French domain registrar Gandi lost control over 751 customer domains, which had their DNS records altered to point incoming traffic to websites hosting exploit kits.
Another major exploit kit (EK) looks like it's heading for the EK graveyard as activity from the RIG EK has fallen to less than 25% of what the exploit kit used to handle three months ago, in March 2017.
A joint operation between various industry actors has led to tens of thousands of shadow domains being shut down and removed from the infrastructure of the RIG Exploit Kit (RIG EK).
The Matrix Ransomware gears up for higher distribution by using EITest and the RIG exploit kit, while being able to spread to other computers through malicious shortcuts.
Security researchers discovered a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python.
Security researchers from Malwarebytes have discovered a new malvertising campaign targeting visitors of several adult websites, spreading the Ramnit trojan and focusing on users from Canada and the UK.
Lots of news this week when it comes to ransomware. We have a Star Trek themed ransomware, new decryptors, lots of new crap ransomware, people modifying Petya for their own ends, and a new CryptoMix variant called Revenge. If you're interested in ransomware, this week has a lot of news.
A new CryptoMix variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below.
A new CryptoMix variant called CryptoShield 1.0 Ransomware has been discovered by Proofpoint security researcher Kafeine being distributed via EITest and the RIG exploit kit.
The Sage 2.0 Ransomware, which is an updated variant of CryLocker, has been discovered being distributed by one of the same actors who is distributing Locky, Cerber, and Spora. Due to this, there is a good chance of wider distribution of this ransomware. This guide provides information on Sage 2.0 and what to expect from it.
A new ransomware called CryptoLuck has been discovered being distributed via the RIG-E exploit kit. This ransomware also utilizes an interesting method of infecting a victim through the legitimate GoogleUpdate.exe executable and DLL hijacking.
A new ransomware called Alma Locker has been discovered by Proofpoint researcher Darien Huss that encrypts a victim's data and then demands a ransom of 1 bitcoin within five days.