TRAC

It is not uncommon to see an anti-spam system catch >99% of the spam passing through it. Most of the best anti-spam systems catch >99.9% of spam. In this environment, spammers try just about anything to evade spam filters. Some spammers believe that blasting at high volume is the key to succes…

April kicked off with a 1:292 rate of malware encounters and closed with a rate of 1:315. Highest peak day was April 20 when the rate reached 1:177. Lowest was April 4 at 1:338. The median rate of web malware encounters in April 2014 was 1:292, representing a slight improvement over the median of 1:…

This post is co-authored by Andrew Tsonchev, Jaeson Schultz, Alex Chiu, Seth Hanford, Craig Williams, Steven Poulson, and Joel Esler. Special thanks to co-author Brandon Stultz for the exploit reverse engineering.  Silverlight exploits are the drive-by flavor of the month. Exploit Kit (EK) owners a…

As of May 1, 2014, we can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog. Protecting company critical assets is a continuing challenge under normal threat conditions. The disclosure of zero-day exp…

Update 5-1-2014: We can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog.  The recent discovery of a new Internet Explorer zero-day exploit underlines how exposed web browsers are to vulnerabilities…

This post is coauthored by Andrew Tsonchev. Anyone can purchase an exploit pack (EP) license or rent time on an existing EP server. The challenge for threat actors is to redirect unsuspecting web browsing victims by force to the exploit landing page with sustained frequency. Naturally, like most cri…

The median rate of web malware encounters in March 2014 was 1:260, compared to a median rate of 1:341 requests in February. At least some of this increased risk appears to have been a result of interest in the NCAA tournaments (aka March Madness), which kicked off during the second week of March in…

Web surfers in February 2014 experienced a median malware encounter rate of 1:341 requests, compared to a January 2014 median encounter rate of 1:375. This represents a 10% increase in risk of encountering web-delivered malware during the second month of the year. February 8, 9, and 16 were the high…

This post is co-authored with Levi Gundert and Andrew Tsonchev. Update 2014-03-21: For clarity, the old kernel is a common indicator on the compromised hosts. We are still investigating the vulnerability, and do not yet know what the initial vector is, only that the compromised hosts are similarly ‘…