Home Blog Recent Trends in Exploit Kits Recent Trends in Exploit Kits BlueVoyant Share: Facebook Twitter LinkedIn “Life in the SOC” is a Blog Series that shares experiences of the BlueVoyant SOC defending against the current and prevalent attacks encountered by our clients. The blogs discuss successful detection, response and mitigation actions that can improve your defensive capabilities. Exploit Kits (EK) have grown as an active attack vector in recent months. EKs were popular six to eight years ago; however, a significant number of them were taken down by law enforcement. Their resurgence can be attributed to cheap browser exploits and malware, such as Emotet, which include modular capabilities and allow attackers to partner to distribute malware. In 2019, popular EKs, such as Fallout and RIG, are available with monthly subscription-based operating models. Recent exploit kits are leveraging known vulnerabilities with openly available Proof of Concept (PoC) exploits. According to researchers at SentinelOne, ”The majority of the exploit kit clientele are Russian speaking cybercrime malware distributors; moreover, the exploit kit administrators themselves routinely refuse to rent the EK to the English-language speakers.” Exploit Kits trending over the last six months saw several spikes over the summer. They could be on an upward trend heading into the fall season. Attackers using EKs are counting on poor patch management to dole out multiple malicious campaigns. Share: Facebook Twitter LinkedIn Related reading Why Bluevoyant BlueVoyant – Microsoft Security Consulting Potential Career Paths November 29, 2021 BlueVoyant is always looking for people who are flexible, willing to tackle new technologies, explore, get their hands on the latest cybersecurity tools,… Read more Malware AnchorDNS Comes Ashore: Evolutions in the TTPs of TrickBot November 12, 2021 Using our knowledge of AnchorDNS-now-Stickseed, BlueVoyant Third-Party Risk and Managed Security Services were able to identify a Stickseed attack in the… Read more Identifying Threats Pivoting on Compliance Efforts Under CMMC 2.0 November 9, 2021 The U.S. government released CMMC 2.0 on November 4, or less than one week ago. This brief summarizes what we currently know, key points that still need to… Read more
BlueVoyant Share: Facebook Twitter LinkedIn “Life in the SOC” is a Blog Series that shares experiences of the BlueVoyant SOC defending against the current and prevalent attacks encountered by our clients. The blogs discuss successful detection, response and mitigation actions that can improve your defensive capabilities. Exploit Kits (EK) have grown as an active attack vector in recent months. EKs were popular six to eight years ago; however, a significant number of them were taken down by law enforcement. Their resurgence can be attributed to cheap browser exploits and malware, such as Emotet, which include modular capabilities and allow attackers to partner to distribute malware. In 2019, popular EKs, such as Fallout and RIG, are available with monthly subscription-based operating models. Recent exploit kits are leveraging known vulnerabilities with openly available Proof of Concept (PoC) exploits. According to researchers at SentinelOne, ”The majority of the exploit kit clientele are Russian speaking cybercrime malware distributors; moreover, the exploit kit administrators themselves routinely refuse to rent the EK to the English-language speakers.” Exploit Kits trending over the last six months saw several spikes over the summer. They could be on an upward trend heading into the fall season. Attackers using EKs are counting on poor patch management to dole out multiple malicious campaigns. Share: Facebook Twitter LinkedIn Related reading Why Bluevoyant BlueVoyant – Microsoft Security Consulting Potential Career Paths November 29, 2021 BlueVoyant is always looking for people who are flexible, willing to tackle new technologies, explore, get their hands on the latest cybersecurity tools,… Read more Malware AnchorDNS Comes Ashore: Evolutions in the TTPs of TrickBot November 12, 2021 Using our knowledge of AnchorDNS-now-Stickseed, BlueVoyant Third-Party Risk and Managed Security Services were able to identify a Stickseed attack in the… Read more Identifying Threats Pivoting on Compliance Efforts Under CMMC 2.0 November 9, 2021 The U.S. government released CMMC 2.0 on November 4, or less than one week ago. This brief summarizes what we currently know, key points that still need to… Read more
Why Bluevoyant BlueVoyant – Microsoft Security Consulting Potential Career Paths November 29, 2021 BlueVoyant is always looking for people who are flexible, willing to tackle new technologies, explore, get their hands on the latest cybersecurity tools,… Read more
Malware AnchorDNS Comes Ashore: Evolutions in the TTPs of TrickBot November 12, 2021 Using our knowledge of AnchorDNS-now-Stickseed, BlueVoyant Third-Party Risk and Managed Security Services were able to identify a Stickseed attack in the… Read more
Identifying Threats Pivoting on Compliance Efforts Under CMMC 2.0 November 9, 2021 The U.S. government released CMMC 2.0 on November 4, or less than one week ago. This brief summarizes what we currently know, key points that still need to… Read more
