Lucene search
K

441 matches found

Malwarebytes
Malwarebytes
added 2024/07/30 5:23 p.m.12 views

Threat actor impersonates Google via fake ad for Authenticator

We have previously reported on the brand impersonation issue with Google ads: users who search for popular keywords are shown malicious ads that purport to be from an official vendor. Not only does this trick innocent victims into downloading malware or losing their data to phishing sites, it als...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/16 1:0 p.m.17 views

'Konfety' Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins

Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/15 8:1 a.m.14 views

A week in security (July 8 – July 14)

Last week on Malwarebytes Labs: "Nearly all" AT&T customers had phone records stolen in new data breach disclosure Fake Microsoft Teams for Mac delivers Atomic Stealer Dangerous monitoring tool mSpy suffers data breach, exposes customer details iPhone users in 98 countries warned about spyware by...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/12 4:35 p.m.30 views

Fake Microsoft Teams for Mac delivers Atomic Stealer

Competition between stealers for macOS is heating up, with a new malvertising campaign luring Mac users via a fraudulent advert for Microsoft Teams. This attack comes on the heels of the new Poseidon OSX.RodStealer project, another threat using a similar code base and delivery techniques. Based o...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/03 7:5 a.m.43 views

FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks

The loader-as-a-service LaaS known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma,...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/27 1:0 p.m.19 views

‘Poseidon’ Mac stealer distributed via Google ads

On June 24, we observed a new campaign distributing a stealer targeting Mac users via malicious Google ads for the Arc browser. This is the second time in the past couple of months where we see Arc being used as a lure, certainly a sign of its popularity. It was previously used to drop a Windows...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/21 9:51 a.m.27 views

Oyster Backdoor Spreading via Trojanized Popular Software Downloads

A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster aka Broomstick and CleanUpLoader. That's according to findings from Rapid7, which identified lookalike websites hosting the malicious payload...

7.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/06/17 8:28 p.m.23 views

Malvertising Campaign Leads to Execution of Oyster Backdoor

The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev. Executive Summary Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/06/17 8:28 p.m.10 views

Malvertising Campaign Leads to Execution of Oyster Backdoor

The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev. Executive Summary Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/15 9:51 a.m.38 views

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile...

7AI score
Exploits0
Talos Blog
Talos Blog
added 2024/06/05 12:0 p.m.25 views

DarkGate switches up its tactics with new payload, email templates

This post was authored by Kalpesh Mantri. Cisco Talos is actively tracking a recent increase in activity from malicious email campaigns containing a suspicious Microsoft Excel attachment that, when opened, infected the victims system with the DarkGate malware. These campaigns, active since the...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/24 12:50 p.m.17 views

Beware: These Fake Antivirus Sites Spreading Android and Windows Malware

Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which lo...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/23 5:3 p.m.11 views

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure follow an established pattern regardless of the file-encrypting malware deployed, new findings show. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations an...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/20 9:26 a.m.16 views

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail

A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic aka AMOS, Vidar, Lumma aka LummaC2, and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/20 7:4 a.m.14 views

A week in security (May 13 – May 19)

Last week on Malwarebytes Labs: Deleted iPhone photos show up again after iOS update Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it Notorious data leak site BreachForums seized by law enforcement Apple and Google join forces to stop unwanted tracking Upda...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/14 10:44 a.m.35 views

Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls

Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation. "The incident involves a threat actor overwhelming a user's email with junk and...

7.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/05/13 7:17 p.m.48 views

Ongoing Malvertising Campaign leads to Ransomware

Executive Summary Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains. In at least one observed case, the infection has led to the attempted...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/11 7:29 a.m.16 views

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT

The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate well-known brands,...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/23 9:10 p.m.23 views

Google ad for Facebook redirects to scam

Today, we are looking at a malicious ad campaign targeting Facebook users via Google search. It is well-known that tech support scammers attract new victims by buying ads for certain keywords related to their audience. What is perhaps less known is how it is even possible to impersonate top brand...

6.9AI score
Exploits0
HackRead
HackRead
added 2024/04/22 11:12 a.m.18 views

Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor

By Deeba Ahmed IT professionals are under attack! This article exposes a malicious malvertising campaign targeting IT teams with a novel backdoor named MadMxShell. Learn how attackers use typosquatting and DNS techniques to compromise systems. This is a post from HackRead.com Read the original...

7.2AI score
Exploits0
Rows per page
Query Builder