On Sunday, April 10th, the Fox-IT Security Operations Center (SOC) started to see an increase in exploit-kit-related incidents. The incidents originated from a large malvertising campaign hitting the Netherlands. The list of affected websites spreads across most of the popular Dutch websites. In total we've now seen at least 288 websites being affected. To … Continue reading Large malvertising campaign hits popular Dutch websites
Category: Blog
Website of security certification provider spreading ransomware
Since Monday the 21st of March, the Fox-IT Security Operations Center (SOC) has been observing malicious redirects towards the Angler exploit kit coming from the security certification provider known as the EC-COUNCIL. As of writing this blog article on Thursday the 24th of March, the redirect is still present on the EC-COUNCIL iClass website … Continue reading Website of security certification provider spreading ransomware
Financial Crisis Exercise at RSA 2016
This year, at the RSA Conference, held in San Francisco from February 29 – March 4, Fox-IT was asked to host a financial cyber crisis table top exercise for the Learning Labs portion of the conference. This was a great opportunity for us to showcase some of what Fox-IT does for companies: training and aiding … Continue reading Financial Crisis Exercise at RSA 2016
RSA 2016: A Long Road Ahead for Security
We recently attended the RSA Conference, held in San Francisco from February 29 - March 4, to speak with our European clients. Does that surprise you? Far more Europeans visit this conference than you might think. The RSA Conference is the largest trade show for security in the world, yet its main attraction lies not … Continue reading RSA 2016: A Long Road Ahead for Security
RSA 2016: Security still has a long way to go
We were at the RSA Conference in San Francisco from February 29 to March 4 to talk with our European clients. Yes indeed, far more visitors come from Europe than you would think. The RSA is, after all, the most important security trade show in the world. Yet it is not so much about what happens on the show floor … Continue reading RSA 2016: Security still has a long way to go
Ponmocup – A giant hiding in the shadows
Ponmocup, first discovered in 2006 as Vundo or Virtumonde, is one of the most successful botnets of the past decade in terms of spread and persistence. This botnet is considered highly interesting because it is sophisticated, underestimated, currently the largest in size, and aimed at financial gain. This underestimated botnet … Continue reading Ponmocup – A giant hiding in the shadows
The state of Ransomware in 2015
Introduction: Ransomware has been a threat for quite some years, although ransomware as it is currently known, encrypting files, has only been around a few years. This change started with the initial 2013 CryptoLocker infections authored by the creator of the notorious Zeus banking malware, Slavik. Since CryptoLocker, many new variants as well as completely … Continue reading The state of Ransomware in 2015
How a research project at Fox-IT enhances your security career
Internships are a great way to assess a student’s capabilities. Fox-IT is always looking for talented individuals who have proven that they have what it takes to be 'a foxer'. At Fox-IT we hold our colleagues to the highest (technical) knowledge standard. If everyone is held to this high standard, we can ensure the quality … Continue reading How a research project at Fox-IT enhances your security career
Finding the hidden attacker in your network
Imagine the following scenario: you are the CIO of an organization and receive a phone call from an external party, informing you that suspicious traffic has been observed between your company network and a remote server. The incident response turns up that an attacker has been present in your network for over 6 months, and … Continue reading Finding the hidden attacker in your network
Do you have a clue?
Find the hidden attacker in your network. Imagine: as CIO, you receive a phone call from an external party reporting that suspicious traffic has been observed between your company network and an external server. To your great alarm, the incident response shows that for more than six months an attacker … Continue reading Do you have a clue?