The decline of exploit kit activity—particularly from well-known exploit kits like Magnitude, Nuclear, Neutrino, and Rig during the latter half of 2016—doesn’t mean exploit kits are throwing in the towel just yet. This is the case with Astrum (also known as Stagano), an old and seemingly reticent exploit kit we observed to have been updated multiple times as of late.
Astrum’s recent activities feature several upgrades and show how it's starting to move away from the more established malware mentioned above. It appears these changes were done to lay the groundwork for future campaigns, and possibly to broaden its use. With a modus operandi that deters analysis and forensics by abusing the Diffie-Hellman key exchange, it appears Astrum is throwing down the gauntlet.
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
Will Astrum Fill the Vacuum in the Exploit Kit Landscape?