In the last few days, a series of quite major vulnerabilities have been discovered across a variety of apps and websites.

Here is everything you need to know.

Casino Malvertising

This attack was pumped out via 10 different ad domains that were mostly on websites offering pirated movies. Without being clicked, the ads would send users to a casino website, which ultimately led to the Angler exploit kit. The Neutrino exploit kit was also being pushed.

The attack has been going on for at least 3 weeks, exposing a large number of people to malware such as the Cryptowall Ransomware and the Bunitu Trojan.

Malwarebytes’ Jerome Segura called it "one of the largest malvertising campaigns in recent months".

Blackhole resurfaces

The infamous Blackhole malware returned this week, again discovered and documented by Malwarebytes. The attacks were even reusing the PDF and Java exploits used before. This is despite the fact that the hacker behind the code, Paunch, was arrested in 2013.

The fact that the exploits are a bit old does not stop some computers being vulnerable, and it is thought that the old code, which is public, is being updated.

crossdomain.xml open domain traffic

Another vulnerability making an unwelcome reappearance is one that allows for open domain traffic via the publicly available crossdomain.xml file.

The vulnerability exposes 6% of some of the most popular websites in the UK, including financial services and health care firms, to having sensitive data acquired from them via an SWF file and phishing attacks.

This vulnerability was discovered by Xiphos Research, whose co-founder Mike Kemp says it is well documented and relatively easy to exploit.
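As an added illustration (not code from the article or from Xiphos Research), the following script audits a site's crossdomain.xml for the open-domain settings described above, showing a weak policy beside a corrected one. Both policies and the hostname static.example.com are constructed samples.

```python
# Added example: audit a Flash crossdomain.xml for open-domain access.
# Standard library only; the two policies below are constructed samples.
import xml.etree.ElementTree as ET

# Constructed sample: weak policy, any SWF from any origin may read responses
# (with the victim's cookies attached) and send arbitrary headers.
WEAK_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="*" secure="false"/>
  <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>"""

# Constructed sample: corrected policy, limited to a named origin over HTTPS.
HARDENED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="static.example.com" secure="true"/>
</cross-domain-policy>"""


def audit_crossdomain(xml_text):
    """Return a list of findings; an empty list means no open-domain issue."""
    findings = []
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return ["root element is not <cross-domain-policy>"]
    for rule in root.iter("allow-access-from"):
        domain = rule.get("domain", "")
        # "*" grants every origin on the web; "*.tld"-style wildcards are
        # nearly as broad and should be reviewed.
        if domain == "*" or domain.startswith("*."):
            findings.append(f"allow-access-from domain={domain!r} is a wildcard")
        # secure="false" lets plain-HTTP SWFs read HTTPS responses.
        if rule.get("secure", "true").lower() == "false":
            findings.append(f"allow-access-from domain={domain!r} has secure=false")
    for rule in root.iter("allow-http-request-headers-from"):
        if rule.get("domain") == "*" and rule.get("headers") == "*":
            findings.append("any header accepted from any domain")
    sc = root.find("site-control")
    if sc is not None and sc.get("permitted-cross-domain-policies") == "all":
        findings.append("site-control allows policy files anywhere on the host")
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_crossdomain(policy) or "OK")
```

Run it against a policy fetched from your own site; each finding names the attribute to tighten.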

WITCHCOVEN

This hack deploys a highly persistent tracking cookie on a victim’s computer, with the profiling script modifying underlying HTML on the homepage and subpages of specifically chosen legitimate websites.

The hack collects data on the victim’s computer and browser configuration. It is believed the target of the attacks is government officials and business executives in the US and the UK, probably in preparation for targeted malware attacks in the future.

InstaAgent Password harvesting

The popular InstaAgent app, which tells users who has been looking at their Instagram profile, was pulled last after a Twitter user revealed that usernames and passwords were being sent to an unknown server. That data was being used to spam Instagram accounts.

Instagram said apps like this were against its terms of service, and recommended users delete it and reset their password.