CISA tells agencies to consider ad blockers to fend off ‘malvertising’

The U.S. Cybersecurity and Infrastructure Security Agency urged federal agencies on Thursday to deploy ad-blocking software and standardize web browser usage across their workforces in order to fend off advertisements implanted with malware. “With many agencies greatly expanding telework options, agencies should increase attention on securing federal endpoints, including associated web browsing capabilities,” the Department of Homeland Security’s cyber arm said in a guide for agencies. With the alert, CISA joins the National Security Agency, which in 2018 likewise urged agencies to adopt ad blockers in response to the threat from “malvertising” that can spread malware. However, CISA cautioned that ad blockers aren’t a cure-all for the issue of malicious advertising, which in recent months has plagued TikTok and a slew of industries during the coronavirus. “Some browser extensions are known to accept payment from advertisers to ensure their ads are allowlisted from blocking,” the agency said, citing concerns that […]

The post CISA tells agencies to consider ad blockers to fend off ‘malvertising’ appeared first on CyberScoop.

Adrozek Malware Delivers Fake Ads to 30K Devices a Day

The Adrozek ad-injecting browser modifier malware also extracts device data and steals credentials, making it an even more dangerous threat.

TikTok scrubs ads promoting diet pills, fake apps after Tenable report

Silly scammers, TikTok is for kids. The video-sharing app, which claims some 49 million daily active users in the U.S., said Thursday it removed an array of advertisements from its central #ForYou page that marketed suspicious diet pills, fake mobile apps and other inauthentic services. The removal came after researchers from the security firm Tenable alerted TikTok about an ecosystem of promotions that aim to defraud users out of money, trick them into downloading shady apps or collect their personally identifiable information. Some ads promise to compensate users who download mobile apps and run those programs for three minutes, a tactic that allows attackers to subvert security controls. Other messaging masquerades as news articles, apparently from CNN or Fox News, that include celebrities marketing “free” weight loss pills. “Scammers see [TikTok] users as a means to an end – the goal is to prey on consumer insecurities and desires to […]

The post TikTok scrubs ads promoting diet pills, fake apps after Tenable report appeared first on CyberScoop.

Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors

Fake WordPress plugins appear to be trending as an effective way of establishing a foothold on compromised websites.
During a recent investigation, we discovered a fake component which was masquerading as a legitimate plugin. Named SiteSpeed, it conta…

Google fights spammy extensions with new Chrome Web Store policy

The policies are specifically meant to fight spam, but they outlaw tactics taken by malicious extensions as well, including fake reviews.

Scammers are abusing mobile ad networks in an attempt to phish Android app users

A network that delivers ads to hundreds of Android apps also is directing users to malicious websites that could help scammers steal their information or overrun their device with spam. At least 400 apps in Google’s Play Store come embedded with proprietary software that is designed to help app developers monetize their program by serving ads. Scammers are exploiting that process, though, by inserting malicious ads into the software development kits (SDKs) which are meant to help developers earn a living. Domains and URLs sent in ads from the distribution framework known as StartApp flood users with links to malicious sites or push notifications for spam, according to new findings from mobile security firm Wandera provided exclusively to CyberScoop. StartApp, created and run by a New York-based marketing firm, does not appear to be behind any malicious content, though it is compensated by other firms that supply it with the malicious ads. StartApp did not […]

The post Scammers are abusing mobile ad networks in an attempt to phish Android app users appeared first on CyberScoop.

49 malicious Chrome extensions caught pickpocketing crypto wallets

They were posing as crypto wallets in order to rip off users’ private keys and mnemonic phrases and drain real wallets. Google’s yanked them.