Exploit Kit

Smut surfers infected with Ramnit trojan as malvertising campaign deploys pop-under ads

This isn’t the kind of thing you want to pop up when you’re surfing a porn site.

David Bisson reports.

Hackers turn their back on exploiting Java, to focus on Flash flaws

The malicious hackers developing exploit kits, designed to help online criminals break into computers systems and spread malware, are keener on exploiting Adobe Flash than any other software.

Plugins – yes, they’re handy but they also increase the surface of attack

Whichever web browser you are using, you should know that using any plugin runs the risk of putting your system – and your data – in increased peril.

Yasin Soliman reports.

Angler, Magnitude, and other exploit kits nearly twice as active as this time last year

Exploit kits prey upon the fact that most users are slow to update their machines.

Keep yourself patched and adopted a layered defence to better protect yourself against the Angler exploit kit and its cohorts, advises David Bisson.

xHamster adult site infects computers through malicious Sex Messenger ad

xHamster, which receives over 500 million visitors a month, has been serving up malware-laced ads capable of infecting users’ computers.

Patch Adobe Flash urgently, or risk being attacked via the Magnitude exploit kit

If you’re going to do one thing today, make sure your computers are running an up-to-date version of Flash.

Xtube porn website spreads malware, after being compromised by hackers

The popular Xtube hardcore porn website, visited by approximately 25 million people every month, has been compromised by hackers and is spreading malware onto visiting computers.

Jamie Oliver’s website found spreading malware… again

Jamie, I know you have a lot on your plate, but this is no small potatoes. Secure your website, or find someone worth their salt who can.

Malicious ads run next to popular YouTube videos, laced with the Sweet Orange exploit kit

Security researchers have discovered a criminal campaign exploiting the YouTube platform, where some of the site’s most popular videos have had malicious adverts displayed alongside them.


Over 500,000 PCs attacked every day after 25,000 UNIX servers hijacked by Operation Windigo

Malware researchers at ESET have uncovered a widespread cybercriminal operation that has seized control of tens of thousands of Unix servers.

Learn more in my guest article on the We Live Security blog.

NHS websites awash with security vulnerabilities. Ensure your WordPress site is running up-to-date software

Websites run by Britain’s National Heath Service (NHS) are riddled with security vulnerabilities and could easily be exploited by online criminals, claims a newly-published investigation.

Are you doing everything you should to ensure that your website is up-to-date and not infecting its visitors?

YouTube ads spread banking malware

Security researchers at Bromium have discovered that hackers were spreading malware onto computers while unsuspecting users were watching YouTube videos.

The drive-by-download attack was distributed via adverts shown on the YouTube website, and used an exploit kit to infect Windows PCs with a version of the Caphaw banking Trojan.

Malware strikes thousands of Yahoo users via poisoned adverts

Thousands of visitors to the Yahoo website were attacked by malware, spread via poisoned adverts in recent days.

Suspected Blackhole Exploit Kit creator, and 12 others, prosecuted by Russian authorities

If the Russian authorities really do have their hands on the Blackhole Exploit Kit’s creator, and his collaborators, then that is good news for everyone on the internet.

Official PHP website hacked, spreads malware infection

The php.net website, the official home of the open-source PHP programming language, has been hacked and used to spread malware to visitors.

The Redkit malware exploit gang has a message for security blogger Brian Krebs

Award-winning security blogger Brian Krebs is loved by everyone on the internet… apart from the criminals.

Find out what they’re saying about him in their latest version of the Redkit exploit kit.