Security Alerts & News
by Tymoteusz A. Góral

History
#644 “Nuclear” exploit kit service cashes in on demand from cryptoransomware rings
Security researchers at Cisco Talos and Check Point have published reports detailing the inner workings of Nuclear, an "exploit kit" Web service that deployed malware onto victims' computers through malicious websites. While a significant percentage of Nuclear's infrastructure has been recently disrupted, the exploit kit is still operating—and looks to be a major contributor to the current crypto-ransomware epidemic.

Introduced in 2010, Nuclear has been used to target millions of victims worldwide, giving attackers the ability to tailor their attacks to specific locations and computer configurations. Though not as widely used as the well-known Angler exploit kit, it has been responsible for dropping Locky and other crypto-ransomware onto more than 140,000 computers in more than 200 countries, according to statistics collected by Check Point. The Locky campaign appeared to be placing the greatest demand on the Nuclear pay-to-exploit service.
Read more
#646 MongoDB configuration error exposed 93 million Mexican voter records
#645 MIT launches experimental bug bounty program
#644 “Nuclear” exploit kit service cashes in on demand from cryptoransomware rings
#643 $10 router blamed in Bangladesh bank hack
#642 PowerShell used for spreading Trojan.Laziok through Google Docs
#641 Avast SandBox escape via IOCTL requests
#640 How I hacked Facebook, and found someone's backdoor script
#639 Core Windows utility can be used to bypass AppLocker
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12