Recent Trends in Exploit Kits

BlueVoyant

“Life in the SOC” is a Blog Series that shares experiences of the BlueVoyant SOC defending against the current and prevalent attacks encountered by our clients. The blogs discuss successful detection, response and mitigation actions that can improve your defensive capabilities.

Exploit Kits (EKs) have grown as an active attack vector in recent months. EKs were popular six to eight years ago; however, a significant number of them were taken down by law enforcement. Their resurgence can be attributed to cheap browser exploits and malware, such as Emotet, which include modular capabilities and allow attackers to partner to distribute malware. In 2019, popular EKs, such as Fallout and RIG, are available with monthly subscription-based operating models.

Recent exploit kits are leveraging known vulnerabilities with openly available Proof of Concept (PoC) exploits. According to researchers at SentinelOne, “The majority of the exploit kit clientele are Russian speaking cybercrime malware distributors; moreover, the exploit kit administrators themselves routinely refuse to rent the EK to the English-language speakers.”

Exploit kit activity over the last six months saw several spikes over the summer and could be on an upward trend heading into the fall season. Attackers using EKs are counting on poor patch management to dole out multiple malicious campaigns.