ZERO-DAY VULNERABILITIES: AN INSIDE LOOK AT LUXOR2008

February 27, 2019

When it comes to breaches, we have seen this time and again: an exploited vulnerability that costs organizations millions of dollars, and consumers their private data. Zero-day vulnerabilities are software flaws or bugs that are unknown to the software's developers and do not yet have a patch. That gives an enterprising hacker a perfect opportunity to create an "exploit", a type of malware that specifically targets these software vulnerabilities.

Related News

Windows Zero-Day Exploited by New 'SandCat' Group

SecurityWeek | December 12, 2018

Experts believe that the Windows kernel zero-day vulnerability fixed this week by Microsoft with its Patch Tuesday updates has been exploited by several threat actors, including a new group. The actively exploited vulnerability, tracked as CVE-2018-8611, has been described by Microsoft as a privilege escalation issue related to the failure of the Windows kernel to properly handle objects in memory. The flaw was reported to Microsoft by researchers at Kaspersky Lab. This was the third month in a row Microsoft patched a Windows zero-day reported by the cybersecurity firm – in October it fixed CVE-2018-8453, which had been exploited by FruityArmor, and in November it resolved CVE-2018-8589, which had been used by multiple threat groups in attacks mostly aimed at the Middle East. Kaspersky has described CVE-2018-8611 as a race condition in the Kernel Transaction Manager. The company says the vulnerability can be used not only to escalate privileges, but also to escape the sandbox of the Chrome and Edge web browsers. “This vulnerability successfully bypasses modern process mitigation policies, such as Win32k System call Filtering that is used, among others, in the Microsoft Edge Sandbox and the Win32k Lockdown Policy employed in the Google Chrome Sandbox. Combined with a compromised renderer process, for example, this vulnerability can lead to a full Remote Command Execution exploit chain in the latest state-of-the-art web-browsers,” Kaspersky explained. The security firm says it has found several builds of an exploit for this vulnerability, including one adapted for the latest versions of Windows.

Microsoft Patches Zero-Day Flaws in Windows, Internet Explorer

SecurityWeek | August 15, 2018

Microsoft’s Patch Tuesday updates for August 2018 address 60 vulnerabilities, including two zero-day flaws affecting Windows and Internet Explorer. One of the actively exploited vulnerabilities is CVE-2018-8414, which Microsoft learned of from Matt Nelson of SpecterOps. Nelson disclosed the details of the bug in June after Microsoft told him that “the severity of the issue is below the bar for servicing and that the case will be closed.” Proofpoint then revealed in July that a financially-motivated threat actor tracked by the company as TA505 had been exploiting the flaw to deliver the FlawedAmmyy RAT. Microsoft described the issue as a Windows Shell remote code execution vulnerability that can be exploited by getting the targeted user to open a specially crafted file. The company says the flaw impacts Windows 10 and Windows Server (versions 1709 and 1803). According to Trend Micro’s Zero Day Initiative (ZDI), the same vulnerability also impacts Adobe Acrobat Reader. ZDI researcher Abdul-Aziz Hariri reported the weakness to Adobe, which also released a patch for it on Tuesday. “The Acrobat patch blocks the embedding of certain files types – a tactic Microsoft has already done with Office 365 docs,” ZDI explained in a blog post published after the patches were released. “This [Microsoft] patch prevents the bypassing of traditional file execution restrictions within Windows. It’s fascinating to see exploit authors combine different products to evade detection and proliferate their malware.” The second zero-day vulnerability patched on Tuesday by Microsoft is CVE-2018-8373, a remote code execution flaw that exists due to how the scripting engine in Internet Explorer handles objects in memory.

Exploit Kits Target Recent Flash, Internet Explorer Zero-Days

SecurityWeek | June 13, 2018

Exploit kits (EKs) might not be as dominant as they were several years ago, but they continue to exist and most of them already adopted exploits for recently discovered Flash and Internet Explorer zero-day vulnerabilities. The first of the flaws is CVE-2018-4878, a security bug in Adobe’s Flash Player discovered in late January, when it was exploited by a North Korean hacker group in attacks aimed at individuals in South Korea. Adobe released a patch within a week after the bug became public, but it continued to be targeted in numerous other attacks. The second is CVE-2018-8174, a critical issue that allows attackers to remotely execute arbitrary code on all supported versions of Windows, and which was addressed with the May 2018 Patch Tuesday updates. The bug is an update to a 2-year-old VBScript vulnerability (CVE-2016-0189) that continues to be abused in attacks. The recently patched Flash Player zero-day tracked as CVE-2018-5002, which has been exploited in targeted attacks, has yet to be added to EKs. “Since both Flash and the VBScript engine are pieces of software that can be leveraged for web-based attacks, it was only natural to see their integration into exploit kits,” Malwarebytes points out. Within days after a proof of concept became publicly available, RIG adopted the exploit for the new VBScript engine flaw, becoming the first EK to do so. The toolkit also added an exploit for said Flash bug, and was observed pushing payloads such as Bunitu, Ursnif, and the SmokeLoader backdoor.
