Search the Community
Showing results for tags 'kit'.
Exploit Kits: Past, Present and Future March 16, 2015 View research paper: The Evolution of Exploit Kits Exploit kits are a fast-growing online threat that cybercriminals seem to have favored in the last few years to execute Web-based attacks to distribute malware. Exploit kits are old tools released by Russian programmers dating back to 2006. As seen in the diagram below, exploit kits have continuously grown in numbers from 2006 to 2013. The market seemingly changed and took a significant dip however in 2014. The rise of exploit kits in underground markets push exploit kit developers to impr
Source: https://github.com/SecurityObscurity/cve-2015-0313 PoC: http://www.exploit-db.com/sploits/36491.zip Adobe Flash vulnerability source code (cve-2015-0313) from Angler Exploit Kit Reference: Trend Micro Discovers New Adobe Flash Zero-Day Exploit Used in Malvertisements Malware don't need Coffee: CVE-2015-0313 (Flash up to 220.127.116.116) and Exploit Kits https://helpx.adobe.com/security/products/flash-player/apsa15-02.html Source: http://www.exploit-db.com/exploits/36491/
Another security advisory covering Siemens industrial kit has reached the public, this time covering wireless industrial networking hardware. ICS-CERT advises that the Ruggedcom range of 802.16e (Wimax, for those with long memories) switches from the company carries a range of vulnerabilities that let attackers scam admin privileges for themselves. The vulnerabilities are: CVE- 2015-1448 – attackers can get administrative access to the kit over the network, without authentication; CVE- 2015-1449 – a buffer overflow in the integrated Web server means an attacker over port 443 might get remote