Exploit kits have been around since 2006 and have been continuously evolving to take advantage of vulnerabilities found in popular software. This research paper discusses what exploit kits are, how they work, and how they evolved over time.
This research paper discusses how PoS RAM scrapers infect systems and exfiltrate stolen data, and provides a list of strategies and technologies that can be used to defend against the threat.
BEDEP malware has recently gained notoriety in the threat landscape after it played a part in two different zero-day exploits affecting Adobe Flash in early 2015. This technical paper tackles its routines and capabilities, as well as its impact.
Microsoft has enabled a new exploit mitigation mechanism in Windows 10 and 8.1 called Control Flow Guard that makes vulnerabilities more difficult to exploit. This paper takes an in-depth look at its implementation and weaknesses.
This Trend Micro paper unearths two separate but linked malware campaigns—Operation Arid Viper and Advtravel. Operation Arid Viper targets specific Israeli organizations using infrastructure in Germany with ties to Gaza in Palestine.
This research paper provides in-depth information on the operation and structure of a cybercriminal group found using fake banking apps to steal mobile banking credentials from South Korean users.