New kit, same player: top 10 vulnerabilities used by exploit kits in 2016

• Adobe Flash Player provided six of the top 10 vulnerabilities used by exploit kits in 2016. Flash Player’s popularity with cyber criminals has held since our 2015 ranking, even after Adobe’s increased security mitigation efforts.

• Vulnerabilities in Microsoft’s Internet Explorer, Windows, and Silverlight rounded out the top 10 vulnerabilities used by exploit kits.


• None of the vulnerabilities identified in last year’s report carried over to this year’s top 10.

• Sundown, RIG, and Neutrino exploit kits filled the void created by Angler Exploit Kit’s June 2016 demise. This crimeware can be used for anywhere from $200 a week (RIG) to $1,500 a week (Neutrino).

• Adobe Flash Player’s CVE-2015-7645 has been incorporated into seven exploit kits, the highest penetration level of our analyzed vulnerabilities, likely because it was the first zero-day discovered after significant Adobe security changes.

According to updated Recorded Future analysis, Adobe (Flash Player) and Microsoft products (Internet Explorer, Silverlight, Windows) continue to provide the primary avenue of access for criminal exploit kits. While nation-state targeting of political efforts has dominated information security headlines in 2016, criminals continue to deliver ransomware and banking trojans using new exploit kits targeting new vulnerabilities.

As a follow-up to last year’s ranking of vulnerabilities targeted by exploit kits, Recorded Future conducted updated analysis of over 141 exploit kits (EKs) and known vulnerabilities.

Vulnerabilities in Microsoft’s Internet Explorer (IE), Silverlight, and Windows rounded out the top 10. Notably, a 2016 IE vulnerability (CVE-2016-0189) saw the most linkage to exploit kits, including Sundown EK, which quickly adopted an exploit for it in July 2016.

Exploit kits offer an expedited crimeware-as-a-service (CaaS) channel where users pay per install of their malware. Since the emergence of modern exploit kits in 2006, criminals need less and less programming experience, as they only need to provide the payload (such as CrypMIC ransomware or TrickBot banking trojan). The payload is then spread via the exploit kit through compromised sites or malicious third-party advertising (malvertising). The teams behind these exploit kits continue to add fresh exploits for software, as increased effectiveness in delivering the “customer’s” payload will generate more revenue.

Exploit kit victims load the compromised web page, malvertisement, or unwittingly follow a malicious link to the exploit kit’s landing page. Per Sophos, “the landing page is the starting point for the exploit kit code.” Using a mix of HTML and JavaScript, the EK identifies the visitor’s browser and plugins, providing the kit the information necessary to deploy the exploit most likely to result in a drive-by download.

In some cases, exploit kits can be rented on a weekly or monthly basis. For example, Nucleus was available at $800 a week or $2,000 a month. The lower-quality RIG exploit kit costs significantly less: $50 a day, $200 a week, or $700 a month. While still available, Neutrino was the most expensive: $1,500 a week or $4,000 a month.

Recorded Future analyzed thousands of sources including information security blogs, deep web forum postings, and dark web onion sites. Analysis focused on exploit kit and vulnerability discussion from November 16, 2015 to November 15, 2016, roughly one year since our 2015 report.

As part of this research, Recorded Future utilized a list of 141 exploit kits, an increase over the 108 analyzed last year. Top EK exploited vulnerabilities were ranked by the number of web references linking them to an exploit kit.

Recorded Future did not reverse engineer any malware mentioned in this analysis and instead performed a meta-analysis of available information from the web. Exploits for dozens of other vulnerabilities are currently employed by EKs, and this report’s intent is to highlight top targets of popular exploit kits.

Vulnerability Adoption by Exploit Kits

Adobe Flash Player’s CVE-2015-7645, number 10 in terms of references to exploit kits, stands out as the vulnerability with the most adoption by exploit kits. Exploit kits adopting the Adobe bug in the past year include Neutrino, Angler, Magnitude, RIG, Nuclear Pack, Spartan, and Hunter.

CVE-2015-7645 impacts Windows, Mac, and Linux operating systems, which makes it extremely versatile. Per Adobe, it can be used to take control of the affected system. Additionally, it was the first zero-day exploit discovered after Adobe introduced new security mitigations, and as such, it was quickly adopted as many other older exploits ceased working on machines with newer Flash versions. The vulnerability was also noted as being used by Pawn Storm (APT28, Fancy Bear), a Russian government-backed espionage group.

Unfortunately, slow enterprise patching and lack of knowledge by home users mean the vulnerability still manages to help kits infect machines.

Sundown Exploit Kit in Focus

The Sundown exploit kit is a rising star in the crimeware world. With the demise of several of last year’s leaders, the Sundown EK has seen significant adoption among criminal elements. Sundown maintainers have been very quick to add new exploits to the kit to differentiate it from other choices, such as the RIG exploit kit.

Researchers exposed much of the infrastructure behind Nuclear, and Neutrino operators pulled their kit off the public market, leaving a void for the RIG and Sundown exploit kits to fill. Although RIG is still the market leader, Sundown is rising in popularity.

According to our analysis, Sundown was first noticed in April 2015, and was primarily noted for copying other kits and absorbing their vulnerabilities and methods. The developers made a mark with the kit in 2015 by being one of the first to integrate an Internet Explorer bug (CVE-2015-2444), which was used to target Japanese banking customers. Another differentiator for the malware is how it focuses on dropping banking trojans, unlike some of the other kits we have seen, which drop everything from ransomware to remote access tools. Sundown also leveraged domain shadowing on a significantly wider scale than competitors.

Last year, the primary risk of contracting a nasty exploit kit was through Adobe product bugs, and Flash in particular. Unfortunately, the situation has not significantly improved.

The recommendation was to update Adobe Flash, and this year that recommendation still stands. For those who want to know exactly how this can be done, or who want to uninstall Flash completely, Graham Cluley has written an excellent walkthrough on doing just that.

For other users who simply want things to work, it should also be noted that the Google Chrome team bundles the most recent Flash version with the browser, which should keep them a little more secure. Even better, Chrome now defaults to HTML5 for content that supports it instead of loading the content with Flash.

For additional peace of mind, users of most modern browsers can turn on “Click to Load” features which automatically block Flash elements unless the user specifically clicks on them.

Conclusion
