Vulnerabilities and exploits

Incidents

Trust me, I have a pen

Earlier today we became aware of a malicious website delivering Petya through the Hunter exploit kit. While there is nothing special about yet another exploit kit page, this one caught our attention because it mimics the index page of our sinkhole systems.

APT reports

The Equation giveaway

August 13, 2016 saw the beginning of a truly bizarre episode. A new identity going under the name ‘ShadowBrokers’ came onto the scene claiming to possess files belonging to the apex predator of the APT world, the Equation Group.

Research

The tip of the iceberg: an unexpected turn in the xDedic story

Last week we reported on the xDedic underground marketplace. The day after, an anonymous source posted the links pointed to a series of pastes on the Pastebin, which in turn contained long lists of IP addresses. The author of the comment mentioned that the list of pastes is related to hacked servers from the xDedic marketplace.

Research

xDedic – the shady world of hacked servers for sale

Over the last two years, deep in the slums of the Internet, a different kind of underground market has flourished. The short, cryptic name perhaps doesn’t say much about it: xDedic. However, on this obscure marketplace anyone can purchase more than 70,000 hacked servers from all around the Internet.

Reports

APT trends report Q3 2024

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

Subscribe to our weekly e-mails

The hottest research right in your inbox