Security Protection – Harry Waldron MVP

Security Exploit Kits – contain attack code for older patched vulnerabilities

Many popular exploit kits add new “zero day” vulnerabilities (unpatched by the vendor) as they emerge. However, the base architecture of the kit contains numerous older exploits, especially those that provide the easiest avenues for compromised access. It is important to patch Windows, Adobe, Java, and all software installed on the PC. The article illustrates the value of staying up-to-date on security patches both corporately and at home.

http://securitywatch.pcmag.com/none/307373-zero-day-not-required-diy-hacker-kits-target-older-bugs

QUOTE: Contrary to popular perception, most malware attacks aren’t targeting zero-day vulnerabilities or exotic flaws. In fact, nearly 60 percent of vulnerabilities used by popular exploit kits are more than two years old, according to a new study from Solutionary. Solutionary’s Security Engineering Research Team reviewed 26 common exploit kits and found that old vulnerabilities are still being targeted, according to the Q4 SERT Quarterly Threat Report, released Tuesday. SERT found exploit code dating as far back as 2004, which was “evidence that old vulnerabilities continue to prove fruitful for cyber-criminals,” the company said. It also is a sign that the number of newly discovered and disclosed vulnerabilities has declined since 2010.

Exploit kits make it easy for cyber-criminals to craft malware campaigns without having a lot of technical know-how and skills. With these “do-it-yourself” toolkits, criminals can hack into sites, infect computers with malware, and collect information from compromised users. The creators regularly update the kits with new attacks and features to help criminals make more money. Exploit kits frequently target vulnerabilities in Adobe Flash and Reader, Java, Internet Explorer, and other popular software. “Organizations should not only address zero-day vulnerabilities, but also address missing patches to ensure past vulnerabilities have been remediated,” the researchers wrote.
