Jul 16, 2024NewsroomMobile Security / Online Security Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit (SDK) associated with a … [Read more...] about ‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
Malicious
Prevent Breaches by Spotting Malicious Browser Extensions
As workforce productivity increasingly depends on web-based applications, browsers have become essential gateways to the “connectivity economy.” According to recent data, 93% of desktop internet traffic in 2023 traversed through four popular web browsers. With their diverse functionalities and use cases, browsers are the most used desktop applications. To further expand their … [Read more...] about Prevent Breaches by Spotting Malicious Browser Extensions
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall Street Journal, … [Read more...] about FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
Apr 30, 2024NewsroomDocker Hub / Supply Chain Attack Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious "imageless" containers over the past five years, once again underscoring how open-source registries could pave the way for supply chain attacks. "Over four million of the repositories in Docker Hub are … [Read more...] about Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Apr 02, 2024NewsroomFirmware Security / Vulnerability The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when … [Read more...] about Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
Mar 30, 2024NewsroomMalware / Cryptocurrency Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but operate with the end goal of stealing sensitive data, … [Read more...] about Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Jan 26, 2024NewsroomMalvertising / Phishing-as-a-service Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. "The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote … [Read more...] about Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Malicious browser extensions in 2023
We often write here on these blog pages about how browser extensions can be very dangerous. To illustrate this fact, we decided to dedicate an article to it. In this post, we’ll look at the most interesting, unusual, widespread, and dangerous cases involving malicious extensions in 2023. We’ll also discuss what these extensions were capable of — and, of course, how to protect … [Read more...] about Malicious browser extensions in 2023
Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, … [Read more...] about Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
Malicious Google Ads Trick WinSCP Users into Installing Malware
Nov 17, 2023NewsroomMalvertising / Malware Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. "The malicious advertisement directs the user to a … [Read more...] about Malicious Google Ads Trick WinSCP Users into Installing Malware