Security Alerts & News
by Tymoteusz A. Góral

History
#1675 New Bizarro sundown exploit kit spreads Locky
A new exploit kit has arrived which is spreading different versions of Locky ransomware. We spotted two cases of this new threat, which is based on the earlier Sundown exploit kit. Sundown rose to prominence (together with Rig) after the then-dominant Neutrino exploit kit was neutralized.

Called Bizarro Sundown, the first version was spotted on October 5 with a second sighting two weeks later, on October 19. Users in Taiwan and Korea made up more than half of the victims of this threat. Bizarro Sundown shares some features with its Sundown predecessor but added anti-analysis features. The October 19 attack also changed its URL format to closely resemble legitimate web advertisements. Both versions were used exclusively by the ShadowGate/WordsJS campaign.
Read more
#1681 Tesco Bank: 20,000 customers lose money
#1680 Admins, update your databases to avoid the MySQL bug
#1679 Inside the RIG exploit kit
#1678 Test-run DDoS attacks against Liberia cease
#1677 Android spyware targets business executives
#1676 Microsoft delays Enhanced Mitigation Experience Toolkit support cut-off to July 2018
#1675 New Bizarro sundown exploit kit spreads Locky
#1674 This evil office printer hijacks your cellphone connection
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12