Malvertising scam compromises 10,000+ websites; researchers suggest ad network and resellers may be culpable
A malicious actor posing as a web publisher compromised more than 10,000 WordPress websites in an elaborate malvertising campaign involving various ad resellers and at least one major ad network, according to researchers.
The first quarter of 2018 saw a dramatic increase in the number of cyberattacks targeting consumer-grade routers.
The RIG exploit kit has been causing trouble again, this time delivering a backdoor trojan called Grobios, which takes great pains to avoid detection and evade virtual and sandbox environments.
Two of the top three crimes, non-payment/non-delivery, and personal data breaches were also in the top spot in 2016 while phishing beat out 419/overpayment scams which dropped to fourth place in 2017, affecting only 23,135 victims compared to the 25,716 victims in 2016.
A recently uncovered tech support scam campaign has compromised thousands of websites with malicious ad injections that redirect users to a browser locker page that claims their computers are infected.
An imitation of the popular Telegram app made its rounds on Google Play as Russian government ordered the immediate blocking of messaging app.
Malwarebytes has closely examined a relatively new fake update scam that uses a combination of legitimate websites, a real cloud storage site and excellent social engineering to pass along either a banking Trojan and remote access tool to its victims.
It should come as no surprise to anyone in the cybersecurity industry that cryptocurrency mining is increasing at an incredible rate, but the rate of increase might come as a surprise.
Malicious actors managed to foil Google's Play Protect app vetting process and place numerous malicious apps into the store Sophos Labs by having them lay doggo before finally activating and bombarding the victim with unwanted ads.
A Latvian national who at one point was the fifth most wanted cybercriminal in the U.S. pleaded guilty this week in federal court to supporting a scareware scheme targeting users of the Minneapolis Star Tribune's website.
Cybercriminals are exploiting traditional measures of trust to gain a foothold on users systems by compromising trusted sites.
A malvertising campaign was observed exploiting Google's DoubleClick network to deliver silent cryptominers on high-traffic sites.
Cybercrimals attempting to take advantage of Twitter users curiosity over who visits their page are using a new form of bait that advertises the ability to track such visits.
A massive malvertising operation bought an estimated 1 billion ad views in 2017 under the guise of 28 different fake ad agencies, in what a new report is calling the largest operation of its kind last year.
A phony and malicious application imitating the Telegram app made its way into the Google Play Store posing as a newer updated version of the popular messaging app.
Malwarebytes researcher Jerome Segura analyzed a RIG exploit campaign distributing malware coin miners.
Trend Micro researchers spotted two ATM malware families which raise concern of what's to come.
Cybercriminals using the Terror exploit kit have recently starting using SSL certificates to help sneak the EK and its malware passed cybersecurity staffers.
Forces of the dark side are hijacking send-to-a-friend (a.k.a. share-with-a-friend) social sharing modules to send random Star Wars quotes and malicious links.
Matrix ransomware is now being distributed via the RIG exploit kit on various sites displaying malvertising.
Kovter Group malvertising campaign put millions at risk of ad fraud malware infections. Fake browser updates hoodwink users into installing malware.
Native ad and content provider Taboola is being abused by tech support scammers to serve malvertising.
Even with increased awareness and the availability of patches, the vulnerabilities are unlikely to disappear soon, researchers said.
Beijing officials arrested 11 individuals linked to the Fireball malware after receiving a tip from someone operating under the pseudonym "Zhang Ming."
A year-old malvertising campaign has helped researchers uncover a new exploit kit (EK) called Sundown-Pirate that is being used to deliver a plethora of malware types.
A new variant CryptoMix ransomware is appending the .EXTE extension to the names of the folders it captures.