The Rise of the “Blackhole” Exploit Kit: The Importance of Keeping All Software Up To

[ronjor]

Quote:

Tim Rains - Microsoft
19 Jul 2012 9:30 AM

According to data we recently published in the Microsoft Security Intelligence Report volume 12 (SIRv12), drive-by download attacks continue to be a favorite tactic used by many attackers attempting to compromise large numbers of systems around the world. I have written about drive-by download attacks in the past (What You Should Know About Drive-By Download Attacks part 1, part 2) and the need to keep all software up-to-date in an effort to mitigate this type of attack.

In the second half of 2011 (2H11) there was a dramatic increase in detections of exploits delivered through JavaScript. This increase was due primarily to the emergence of JS/Blacole, a family of exploits used by the so-called “Blackhole” exploit kit to deliver malicious software through infected web pages.

https://blogs.technet.com/b/security...edirected=true

[Hungry Man]

Funny how when they were pushing SmartScreen their statistics lumped so much into what they considered "Social Engineering."

[funkydude]

Quote:

Originally Posted by Hungry Man

Funny how when they were pushing SmartScreen their statistics lumped so much into what they considered "Social Engineering."

What about the social engineering involved in getting people to these sites?

[Hungry Man]

That's my point. Most attacks have some element of both - people aren't just hacked, they have to end up on a webpage somehow (or they don't have ot, but typically are) and at that point an exploit takes over.

With the SmartScreen stats they reported most infections being due primarily to social engineering. Almost every other report has shown that there's a ton of vulnerabilities being exploited in the wild.