The latest news in malware has been the recent Kaspersky Labs discovery of the sophisticated attack toolkits named Gauss. Headlines also include reports of the Zegost RAT being served by compromised Nepalese government websites. However, the majority of the malware samples received the last couple of weeks have been related to the Blackhole Exploit Kit.

The Solutionary SERT research team has been tracking this issue for some time and our public reports up to this point have been relatively high-level. If what we’ve observed over the past few weeks is any indicator, Blackhole will not be going away any time soon, and it... read more >

The Solutionary Security Engineering Research Team (SERT) has been receiving a significant amount of malicious emails luring would-be victims to hosts running the Blackhole Exploit Kit.

The emails claim to be related to a rejected wire transfer. SERT has observed that the malicious emails use an embedded hyperlink or an attached HTML file attachment. The hyperlink points to a compromised website, usually running a piece of obfuscated javascript that is decoded as an iframe. The iframe redirects the victim’s browser to a Blackhole landing page that attempts to exploit the victim’s computer and install additional malware such as... read more >