Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials — ironically — via fraudulent Google ads.
The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages. We believe their goal is to resell those accounts on blackhat forums, while also keeping some to themselves to perpetuate these campaigns.
This is the most egregious malvertising operation we have ever tracked, getting to the core of Google’s business and likely affecting thousands of their customers worldwide. We have been reporting new incidents around the clock and yet keep identifying new ones, even at the time of publication.
Invitations to try a beta lead to a fake game website where victims will get an information stealer instead of the promised game
A researcher has discovered a data broker had stored 644,869 PDF files in a publicly accessible cloud storage container.
Apple has issued patches for several of its operating systems. The ones for iOS and iPadOS deserve your immediate attention.
Chatbot companion platform muah.ai was hacked and had its chatbot prompts stolen.
Beware before calling Apple for assistance as scammers are creating malicious ads and fake pages to lure you in.
Criminals are impersonating MyLowesLife, Lowes' HR portal for current and former employees.
A notorious cybercriminal involved in breaches has released a database containing 70 million US criminal records.
Our researchers found fake sponsored search results that lead consumers to a typical fake Microsoft alert site set up by tech support scammers.
A malicious ad for the popular admin tool PuTTY leads victims to a fake site that downloads malware.
Data from a Chinese cybersecurity vendor that works for the Chinese government exposed a range of hacking tools and services.
Compromised websites are being used to redirect to fake browser updates and deliver malware onto Mac users.
The FBI is investigating a data breach where cybercriminals were able to steal patients’ records from a Las Vegas plastic surgeon's office and then publish them online.
Users looking to download a popular PC utility may be tricked in this campaign where a threat actor has registered a website that copies content from a PC and Windows news portal.
First publicly reported in 2018, DarkGate is a Windows-based malware with a wide-range of capabilities including credential stealing and remote access to victim endpoints. Until recently, it was only seen being delivered through traditional email malspam campaigns. In late August 2023, however, researchers at Trusec found evidence of a campaign using external Teams messages to deliver the DarkGate Loader.
In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain.
We believe this evolution will have a real world impact among corporate users getting compromised via malicious ads eventually leading to the deployment of malware and ransomware.
In this blog post, we look at a malvertising campaign that seems to have flown under the radar entirely for at least several months. It is unique in its way to fingerprint users and distribute time sensitive payloads.
A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco's brand and is displayed first when performing a Google search.
Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and Google are experimenting with. Yet, there is a problem when it comes to malicious ads displayed by search engines that AI likely won't be able to fix.
While the official conflict between Russia and Ukraine began in February 2022, there is a long history of physical conflict between the two nations, including the 2014 annexation of Crimea by Russia and when the regions of Donetsk and Luhansk declared themselves independent from Ukraine and came under Russia's umbrella. Given this context, it would not be surprising that the cybersecurity landscape between these two countries has also been tense.
