
Top 3 Vulnerabilities Used in 2016 Exploit Kit Attacks


New research by Digital Shadows reveals that 76 vulnerabilities are exploited in exploit kit attacks. 27 of them are in Flash. Despite the popularity of Flash flaws, an IE bug prevails in most attack scenarios and has proven to be attackers’ favorite means of exploit. Some of the flaws date back to 2013.


In the past, plenty of exploit kits were detected in the wild. In 2016, only a few of them are still seen as part of active malicious campaigns. The list of active EKs seen throughout 2016 includes Angler, Nuclear (both declared dead in April and June), Magnitude, RIG, Sundown, and Hunter. All the EKs are based on different flaws, in most cases public and patched. The choice of vulnerabilities to incorporate mostly depends on the skills of the malicious actor.

Related: Nuclear EK Is Dead, Long Live the Exploit Kit!

In addition to Flash and IE, Java is also quite famous in terms of exploitable vulnerabilities employed in EK-based attacks. Other exploited technologies are Mozilla Firefox, Adobe Reader, and Microsoft Silverlight.


So, Which Are the Most Popular Vulnerabilities Used in Exploit Kit Attack Scenarios?

First Place: CVE-2013-2551 – the IE Bug Mostly Favored by Attackers

CVE-2013-2551 Official Description

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka “Internet Explorer Use After Free Vulnerability,” a different vulnerability than CVE-2013-1308 and CVE-2013-1309.

As you can see, the bug affects IE6 to IE10 and causes remote code execution. Such an attack was demonstrated back in 2013 during the Pwn2Own competition at CanSecWest.

Second Place: CVE-2014-0515 – the Most Popular Bug in Flash Deployed by EK Operators

CVE-2014-0515 Official Description

Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

Third Place: Split between CVE-2013-2465 in Java and CVE-2014-0569 in Flash

CVE-2013-2465 and CVE-2014-0569 Official Descriptions

CVE-2013-2465 is an unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7. The flaw allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, as explained by MITRE researchers.

CVE-2014-0569, on the other hand, is an:

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
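The two Flash advisories above describe branch-specific ranges, so a plain "installed version is lower than the fixed build" comparison gives wrong answers for hosts on a different branch. The following is an added example, not part of the original article or the Digital Shadows report: it checks an inventory against the Flash Player ranges quoted above (the Adobe AIR ranges are left out). The host names and installed versions are constructed sample data, and the function names are hypothetical.

```python
# Added example: ranges transcribed from the CVE descriptions quoted above.
# Each range is half-open: lower bound inclusive, first fixed build exclusive.

def parse(version):
    """Turn '13.0.0.182' into (13, 0, 0, 182) so versions compare numerically."""
    parts = tuple(int(p) for p in version.strip().split("."))
    if len(parts) != 4:
        raise ValueError(f"expected a four-part Flash version, got {version!r}")
    return parts

ZERO = (0, 0, 0, 0)
DESKTOP = ("windows", "osx")
LINUX = ("linux",)

AFFECTED = {
    "CVE-2014-0515": {
        DESKTOP: [(ZERO, parse("11.7.700.279")),
                  (parse("11.8.0.0"), parse("13.0.0.206"))],
        LINUX: [(ZERO, parse("11.2.202.356"))],
    },
    "CVE-2014-0569": {
        DESKTOP: [(ZERO, parse("13.0.0.250")),
                  (parse("14.0.0.0"), parse("15.0.0.189"))],
        LINUX: [(ZERO, parse("11.2.202.411"))],
    },
}

def exposed_cves(platform, version):
    """Return the CVEs whose affected range contains this install."""
    v = parse(version)
    hits = []
    for cve, by_platform in AFFECTED.items():
        for platforms, ranges in by_platform.items():
            if platform.lower() in platforms and any(lo <= v < hi for lo, hi in ranges):
                hits.append(cve)
    return sorted(hits)

# Constructed inventory: (host, platform, installed Flash Player version).
INVENTORY = [
    ("ws-01", "windows", "11.7.700.279"),   # patched 11.7 branch build
    ("ws-02", "windows", "11.8.800.94"),    # numerically higher, still affected
    ("mac-01", "osx", "13.0.0.250"),
    ("lnx-01", "linux", "11.2.202.400"),
]

def audit(inventory):
    return {host: exposed_cves(platform, ver) for host, platform, ver in inventory}

if __name__ == "__main__":
    for host, cves in audit(INVENTORY).items():
        print(host, ", ".join(cves) or "outside both ranges")
```

Note that ws-02 is flagged for CVE-2014-0515 although its version number is higher than the 11.7 branch's fixed build, which is the case a single-threshold check misses.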


Exploit Kit Developers Are Evolving Together with the Malware Market

Digital Shadows researchers have concluded that the exploit kit market is quickly changing and adapting itself to the needs of malware operators and to the changes in software. As a result, many EKs are dropping support for older exploits and embracing newer flaws, mostly disclosed after 2015.

“Furthermore, while CVE-2013-2551 [the IE bug described above] was the most shared of all the known vulnerabilities exploited, it is not known if this remains viable or present within exploit kits active at the time of writing,” the report concludes.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.
