Changes in the threatscape as regards exploitation of 64-bit systems, exemplified by the latest modifications to the Rovnix bootkit.

The Java exploit for CVE-2012-1723 is already included in the latest update of the BlackHole exploit kit.

Carberp is a unique case, with all the guys who organized really big botnets and made big profits (millions of US dollars) being arrested.

Aleksandr Matrosov and Eugene Rodionov presented their research into “Smartcard vulnerabilities in modern banking malware” at PHDays’2012.

Group-IB and ESET Russia assisted in the investigation that led to the arrest of 6 people suspected of stealing 125m roubles from bank customers in Russia .

The latest research on the Win32 Carberp gang and the technicalities and evolution of the malware, as presented at CARO 2012.

Aleksandr Matrosov notes a new exploit kit approach to hiding redirects using implicit iFrame injection. (NB Nuclear Pack, not Blackhole.)

The Blackhole exploit kit has been updated to version 1.2.3 and includes a new exploit for the Java CVE-2012-0507 vulnerability, which ESET calls Java/ Exploit.CVE-2012-0507

Group-IB’s joint investigations with the FSB and MVD resulted in the arrest of a gang of eight accused of larceny, creation of malware, and unauthorized access.

ESET is seeing a new step of evolution for the Rovnix bootkit family.