Home 0P3N Blog [podcast] Earl Carter dissects the Angler Exploit Kit
Ready to Start Your Career?
Create Free Account
BrBr s profile image
By: BrBr
June 7, 2016

[podcast] Earl Carter dissects the Angler Exploit Kit

By: BrBr
June 7, 2016
BrBr s profile image
By: BrBr
June 7, 2016
[embed]https://youtu.be/WOvzLaQDHEA[/embed]Earl Carter (@kungchiu) spends all day researching exploit kits and using that information to protect customers from various malware payloads that spread ransomware.  This week we sit down with him to understand the#Angler EK.He starts us off with a history or where it came from and how it gained so much popularity, evolving from earlier EKs, like#BlackHole, or WebAttacker. We even discuss how it's gone from drive-by downloads, to running only in memory, to being used in malvertising campaigns. We even get to hear about how the creators "rent" out the Angler EK, and how they also control the malvertising side as well. Great insights into how the Angler EK eco-system operates...We are also adding some vocabulary to your dictionary... find out what "302 Cushioning" and "Domain Shadowing" are, and why your blue teamers should be more vigilant about monitoring your domain registrar...We talk about some of the vulns used by exploit kits. Contrary to popular belief, the vulns used don't always have to be 0day. Blue teamers will learn valuable insights in protecting your networks from this EK.Direct Link:https://traffic.libsyn.com/brakeingsecurity/2016-022-earl_carter_dissects_angler_ek.mp3YouTube: https://youtu.be/WOvzLaQDHEA Links referenced during the show:Earl's slides from Bsides Austin: http://www.slideshare.net/EarlCarter3/bsides-anglerevolution-talk-60408313http://blog.0x3a.com/post/118366451134/angler-exploit-kit-using-tricks-to-avoid-referrerhttp://blogs.cisco.com/security/talos/angler-flash-0-dayhttp://malware.dontneedcoffee.com/2014/08/angler-ek-now-capable-of-fileless.htmlhttps://isc.sans.edu/forums/diary/Angler+exploit+kit+pushes+new+variant+of+ransomware/19681http://blogs.cisco.com/security/talos/angler-flash-0-dayhttps://hiddencodes.wordpress.com/2015/05/29/angler-exploit-kit-breaks-referer-chain-using-https-to-http-redirection/https://heimdalsecurity.com/blog/ultimate-guide-angler-exploit-kit-non-technical-people/  

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast on Patreon: https://www.patreon.com/bds_podcast#Twitter: @brakesec @boettcherpwned @bryanbrake#Facebook: https://www.facebook.com/BrakeingDownSec/#Tumblr: http://brakeingdownsecurity.tumblr.com/Player.FM : https://player.fm/series/brakeing-down-security-podcast#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/ 
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry