Security Alerts & News
by Tymoteusz A. Góral

#1839 Updated Sundown exploit kit uses steganography
This year has seen a big shift in the exploit kit landscape, with many of the bigger players unexpectedly dropping out of action. The Nuclear exploit kit operations started dwindling in May, Angler disappeared around the same time Russia’s Federal Security Service made nearly 50 arrests last June, and then in September Neutrino reportedly went private and shifted focus to select clientele only. Now, the most prominent exploit kits in circulation are RIG and Sundown. Both gained prominence shortly after Neutrino dropped out of active circulation.

Sundown is something of an outlier among exploit kits. It tends to reuse old exploits and makes no effort to disguise its activity. The URLs for Sundown requests for Flash files end in .swf, while Silverlight requests end in .xap. These are the normal extensions for these file types. Typically, other exploit kits make an effort to hide their exploits. In addition, Sundown doesn’t have the anti-crawling feature used by other exploit kits.
#1840 The 10 biggest security incidents of 2016
#1839 Updated Sundown exploit kit uses steganography
#1838 Android ransomware infects LG SmartTV
#1837 Ransomworm: the next level of cybersecurity nastiness
#1836 Chrome will soon mark some HTTP pages as 'non-secure'
#1835 Switcher: Android joins the ‘attack-the-router’ club
#1834 This low-cost device may be the world’s best hope against account takeovers
#1833 YubiKey for Windows Hello brings hardware-based 2FA to Windows 10
#1832 Security Keys: practical cryptographic second factors for the modern web (PDF)
#1831 Is Mirai really as black as it’s being painted?
#1830 The most dangerous people on the internet in 2016
#1829 Encrypted messaging app Signal uses Google to bypass censorship
#1828 Disclosing the primary email address for each Facebook user
#1827 Danger close: Fancy Bear tracking of Ukrainian field artillery units
#1826 New French law bars work email after hours
#1825 Changing other people's flight bookings is too easy