exploit kit

May 18, 2017

THREAT RESEARCH

Terror Evolved: Exploit Kit Matures

1 min read

Talos is monitoring the major Exploit Kits (EK) on an ongoing basis. While investigating the changes we recently observed in the RIG EK campaigns, we identified another well-known candidate: Terror Exploit Kit. Terror EK is one of the new players who showed up after the big Exploit Kit market consolidation last year. When Angler and […]

November 3, 2016

THREAT RESEARCH

Take the RIG Pill: Down the Rabbit Hole

1 min read

Executive Summary: Talos is monitoring the big notorious Exploit Kits (EK) on an ongoing basis. Since Angler disappeared a few months ago, RIG is one EK which seems to be trying to fill the gap Angler has left. We see an ongoing development on RIG. This report gives more details about the complex infection process the […]

August 17, 2016

SECURITY

CryptXXX Technical Deep Dive

10 min read

0.0 Introduction: In our previous post we discussed the AMP ThreatGrid Research and Efficacy Team’s continuous support for Ransomware attack vectors, generic behavior detection of un-discovered variants, and the creation of behavioral indicators once new variants are identified. In this post we’ll be discussing one of the more prevalent variants to surface in the wake […]

August 3, 2016

EDUCATION

Cybersecurity in Education: Threats Impacting K-12 and Higher Education

2 min read

Cisco has numerous resources for education institutions to learn how to properly enforce security based on industry best practices.

March 21, 2016

THREAT RESEARCH

Malware Word Search: Identifying Angler’s Dictionary

1 min read

This post was authored by Steve Poulson with contributions from Nick Biasini. Exploit kits are constantly evolving and changing. We recently wrote about some subtle Angler changes but then Angler changed drastically on March 8. In this blog post, we will briefly cover these changes, examining different characteristics of the URL structure for Angler and the […]

March 1, 2016

THREAT RESEARCH

Angler Attempts to Slip the Hook

1 min read

This post was authored by Nick Biasini with contributions from Joel Esler and Melissa Taylor. Talos has discussed at length the sophistication of the Angler exploit kit. One thing that always makes Angler stand apart is the speed with which they develop and implement new techniques. Whether it's domain shadowing, 302 cushioning, encrypted payloads, or […]

October 15, 2015

SECURITY

Angler for Beginners in 34 Seconds

3 min read

Post authored by Martin Rehak, Veronica Valeros, Martin Grill and Ivan Nikolaev. In order to complement the comprehensive information about the Angler exploit kit from our Talos colleagues [

October 6, 2015

THREAT RESEARCH

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomwa …

3 min read

This post was authored by Nick Biasini with contributions from Joel Esler, Nick Hebert, Warren Mercer, Matt Olney, Melissa Taylor, and Craig Williams. Executive Summary: Today, Cisco struck a blow to a group of hackers, disrupting a significant international revenue stream generated by the notorious Angler Exploit Kit. Angler is one of the largest exploit kit […]

June 5, 2015

THREAT RESEARCH

Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense

6 min read

This post was authored by Nick Biasini. Late last week Talos researchers noticed a drastic uptick in Angler Exploit Kit activity. We have covered Angler previously, such as the discussion of domain shadowing. This exploit kit evolves on an almost constant basis. However, the recent activity caught our attention due to a change to the URL […]