Podcasts about Malvertising

Video - https://youtu.be/W7OhAy57tI8Think online ads are harmless? Think again. This video reveals the red flags you NEED to watch out for before clicking that tempting deal. Your device—and your data—could depend on it. Don't miss these crucial tips to stay safe online!I used ChatGPT-4o, ScreenPal, and Pictory.ai to put this information together.If you're interested in trying Pictory.ai please use the following link. https://pictory.ai?ref=t015o

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of the LimaCharlie community.The Cybersecurity and Infrastructure Security Agency (CISA) is facing significant operational challenges as budget constraints force it to scale back key cybersecurity programs.Scammers are taking a new approach to extortion by mailing physical ransom letters to victims, claiming to be the operators of the BianLian ransomware group.A newly identified advanced persistent threat (APT) group, dubbed "Crafty Camel," has been targeting aviation operational technology (OT) systems using a sophisticated technique involving polyglot files. A new malvertising campaign is leveraging deceptive online ads to distribute information-stealing malware hosted on GitHub, highlighting an ongoing evolution in cybercriminal tactics.Security researchers have disclosed details of multiple vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems that could be exploited to facilitate attacks on industrial environments.

Law enforcement shutters Garantex crypto exchange. NTT discloses breach affecting corporate customers. Malvertising campaign hits nearly a million devices. AI's role in Canada's next election. Scammers target Singapore's PM in AI fraud. Botnets exploit critical IP camera vulnerability. In our International Women's Day and Women's History Month special, join Liz Stokes as she shares the inspiring stories of women shaping the future of cybersecurity. And how did Insider threats turn a glitch into a goldmine? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In this special International Women's Day edition, we shine a spotlight on the incredible women in and around our network who are shaping the future of cybersecurity. Join Liz Stokes as we celebrate Selena Larson, Threat Researcher at Proofpoint, and co-host of Only Malware in the Building, Gianna Whitver, CEO & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Maria Velasquez, Chief Growth Officer & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Chris Hare, Project Management Specialist and Content Developer at N2K Networks, and host of CertByte, Ann Lang, Project Manager at N2K Networks, Jennifer Eiben, Executive Producer at N2K Networks, and Maria Varmazis, host of the T-Minus Space Daily show at N2K Networks for their achievements, resilience, and the invaluable contributions they make to keeping our digital world secure. Selected Reading Russian crypto exchange Garantex's website taken down in apparent law enforcement operation (The Record) Data breach at Japanese telecom giant NTT hits 18,000 companies (BleepingComputer) Malvertising campaign leads to info stealers hosted on GitHub (Microsoft) Canadian intelligence agency warns of threat AI poses to upcoming elections (The Record)  Deepfakes of Singapore PM Used to Sell Crypto, Residency Program (Bloomberg)  Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets (SecurityWeek) Magecart: How Akamai Protected a Global Retailer Against a Live Attack (Akamai)  Cybercrime 'crew' stole $635,000 in Taylor Swift concert tickets (BleepingComputer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Referências do EpisódioMalvertising campaign leads to info stealers hosted on GitHubGreyNoise Detects Active Exploitation of Silk Typhoon-Linked CVEsKibana 8.17.3 Security Update (ESA-2025-06)Over 37,000 VMware ESXi servers vulnerable to ongoing attacksA Deep Dive into Strela Stealer and how it Targets European CountriesUnmasking the new persistent attacks on JapanUnmasking GrassCall Campaign: The APT Behind Job Recruitment Cyber ScamsRoteiro e apresentação: Carlos Cabral e Bianca OliveiraEdição de áudio: Paulo ArruzzoNarração de encerramento: Bianca Garcia

In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Senior Microsoft Security Researcher Kajhon Soyini to explore the Luma Stealer cryptocurrency mining campaign targeting individual computers as part of a large-scale malvertising campaign. They discuss the sophisticated attack chain, which includes DLLs, clipboard malware, process injection via Explorer.exe, and how this impacted nearly one million devices around the globe.   Kajhon explains how attackers use registry modifications, WMI event consumers, and obfuscation techniques like non-standard ports and reverse shells to maintain persistence and evade detection. The duo also covers Microsoft's defense efforts and the challenges of tracking down the origins of these attacks.  In this episode you'll learn:       Why the attack chain incorporates legacy malware like NetSupport RAT  The overlap between the Luma Stealer and Donarium malware families  How Luma Stealer uses GitHub repositories and redirector networks to deliver malicious payloads    Some questions we ask:         Can you explain how the malware uses the “image file execution objects” registry path?  What role does Netcat play in this campaign's command and control?  Why do people still mine cryptocurrency today, with all the complexities and attack methods?    Resources:   View Kajhon Soyini on LinkedIn   View Sherrod DeGrippo on LinkedIn   Connect with Sherrod and the team at RSAC    Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider      The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

[Referências do Episódio] ESET Threat Report H2 2024 - https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ “DeceptionAds” - Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising - https://labs.guard.io/deceptionads-fake-captcha-driving-infostealer-infections-and-a-glimpse-to-the-dark-side-of-0c516f4dc0b6 CoinLurker: The Stealer Powering the Next Generation of Fake Updates - https://blog.morphisec.com/coinlurker-the-stealer-powering-the-next-generation-of-fake-updates Technical Analysis of RiseLoader - https://www.zscaler.com/blogs/security-research/technical-analysis-riseloader Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

Malvertising is short for malicious advertising, and attacks and compromises systems by spreading advertisements injected with malicious code. Confidence Staveley, Africa's most celebrated female cybersecurity leader, is the founder of the Cybersafe Foundation, a Non-Governmental Organization on a mission to facilitate pockets of changes that ensure a safer internet for everyone with digital access in Africa. In this episode, Confidence joins host Amanda Glassner to discuss. To learn more about Confidence, visit her website at https://confidencestaveley.com, and for more on the CyberSafe Foundation, visit https://cybersafefoundation.org.

In today's episode, we're diving into the hidden dangers of malicious installers, software cracks, and deceptive ads on Google. We'll explore recent stories, including the SteelFox malware that's hijacking Windows PCs, stealing credit card data, and mining cryptocurrency using vulnerable drivers. Plus, we'll uncover a new wave of malvertising attack scams targeting eBay users and how scammers are leveraging Google Ads to lure unsuspecting victims into calling fake support numbers. With digital crime and data breaches on the rise, it's essential to stay informed and protect yourself from these evolving threats. Tune in as we break down the techniques hackers are using to bypass antivirus software, escalate system privileges, and steal valuable data – and what you can do to avoid falling victim to these cyber threats. Whether you're a tech enthusiast, developer, or just curious about cybersecurity, this episode is packed with insights that could save you from a dangerous download! #MalvertisingAttack #CyberSecurity #Malware #Hacking #DataBreach #DigitalCrime #SteelFox #Malvertising #GoogleAds #DataPrivacy #CyberThreats #Hackers #DataProtection #DigitalSecurity #CryptoMining #Antivirus #VulnerableDrivers #NationStateHacking #SystemPrivilege #Ransomware #APT #SoftwareCracks #MaliciousSoftware #OnlineScams #eBayScam #Torrents #CyberAwareness #InfoStealer #FakeSupport #SocialEngineering #HackersExplained

In der elften Folge von "Passwort" reden Sylvester und Christopher über einige Security-News der vergangenen Tage. Den Anfang macht eine Remote-Code-Execution-Lücke in Windows, die durch manipulierte IPv6-Pakete ausgelöst wird und bis jetzt noch für verdächtig wenig Aufregung sorgt. Ein bekannter Tech-Youtuber ging durch Phishing seines X-Kontos verlustig und Google ließ sich Fake-Werbung für seine eigenen Sicherheitsprodukte unterschieben - das erstaunt die Hosts, die mit mehr Gegenwehr seitens der Opfer gerechnet hätten. Außerdem geht es um einen Cyberkriminellen, der sich einen Datenschatz bei einer Darknet-Überwachungsfirma zusammenkratze und eine in letzter Sekunde verhinderte massive Supply-Chain-Attacke gegen Python. Für Liebhaber CA-bezogener Neuigkeiten gibt's am Ende noch ein Schmankerl, bei dem auch Juristen mitmischten. - PwnedPasswords Downloader: https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader - Für hartgesottene, die trotz Sylvesters Warnung einen E-Mail-Server selbst hosten möchten: https://github.com/postalserver/postal

This week's full broadcast of Computer Talk Radio includes: - 00:00 - Nerd Myths instead of news - Microsoft, NASA, HP printers, Amazon Prime, DJI drones - 11:00 - Listener Q&A - identifying product - Kari hears Benjamin state if you aren't sure of the product… - 22:00 - iOS 18 and public beta programs - Keith and Benjamin discuss factors for trying beta software - 31:00 - Marty Winston's Wisdom - Marty talks Hisense Roku TV and experiences with antennas - 39:00 - Scam Series - Malvertising - Benjamin warns of basic concerns to avoid malvertising - 44:00 - Keske on automation over years - Benjamin and Steve talk about mass production and automation - 56:00 - Dystopia may be closer than… - Benjamin answers Bobby on 3rd party items, Elizabeth on wifi - 1:07:00 - Professional IT Series - 286 - Benjamin sees George Orwell's nightmares are getting closer - 1:16:00 - Professional IT Series - 286 - Benjamin observes hushed hybrid, and notes the problems - 1:24:00 - Listener Q&A - overheating tech - JD asks how to address summertime heat with his smartphone

Jess Kelly, Newstalk's Technology Correspondent, joined Seán to discuss ‘Malvertising' - online viruses and malware, disguised as regular ads! They go through how hackers use them, and how you can avoid them.

Jess Kelly, Newstalk's Technology Correspondent, joined Seán to discuss ‘Malvertising' - online viruses and malware, disguised as regular ads! They go through how hackers use them, and how you can avoid them.

Video - https://youtu.be/cb90-ZfIu6I Discover the hidden dangers lurking behind seemingly harmless online ads. Dive into the world of malvertising and learn how cybercriminals use fake ads to infect your devices with malware. Stay informed and protect yourself with essential tips to avoid these digital traps. Watch now to safeguard your online experience!My thanks to Nyrmah J. Reina for the original article on the Avast BlogYou'll find her article at: https://tinyurl.com/286mylka I used GPT-4o and Pictory.ai to put this information together. If you're interested in trying Pictory.ai please use the following link. https://pictory.ai?ref=t015o --- Support this podcast: https://podcasters.spotify.com/pod/show/norbert-gostischa/support

Video - https://youtu.be/r9bHy49_ptg Malvertising is a silent but deadly threat in the vast ocean of digital advertising. By understanding its history, recognizing how it's used today, and implementing measures to avoid its pitfalls, you can navigate the web more safely. I used Copilot and Pictory.ai to put this masterpiece together. If you're interested in trying Pictory.ai please use the following link. https://pictory.ai?ref=t015o --- Support this podcast: https://podcasters.spotify.com/pod/show/norbert-gostischa/support

Today we unravel the second ransomware extortion of Change Healthcare by RansomHub, the cunning malvertising campaign targeting IT pros with malware-laden ads for PuTTY and FileZilla, and the deceptive tactics on GitHub fooling developers into downloading malware. Discover protective strategies and engage with expert insights on bolstering defenses against these evolving cyber threats. Original URLs: https://www.securityweek.com/second-ransomware-group-extorting-change-healthcare/ https://www.helpnetsecurity.com/2024/04/10/malvertising-putty-filezilla/ https://thehackernews.com/2024/04/beware-githubs-fake-popularity-scam.html https://www.bleepingcomputer.com/news/security/malicious-visual-studio-projects-on-github-push-keyzetsu-malware/ Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/ Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: cybersecurity, ransomware, malvertising, GitHub scams, Change Healthcare, IT professionals, data protection, cybercrime, malware, software development Search Phrases: How to protect against ransomware attacks Strategies to combat malvertising campaigns Tips for IT professionals on avoiding malicious ads Safeguarding software development from GitHub scams Change Healthcare ransomware extortion case study Cybersecurity advice for IT administrators Dealing with malware in system utilities ads Best practices for data protection in healthcare Understanding cybercrime tactics on GitHub Preventing repeated ransomware extortions Transcript: Transition (Long) 2 Welcome back to the Daily Decrypt. Change Healthcare falls victim to a second ransomware extortion in just a month, now at the hands of the Emergent Ransom Hub Group, wielding over 4 terabytes of sensitive data stolen in the February 2024 cyberattack. Which comes as a result from the Black Cat Exit Scam. Next, we're turning over to a new malvertising campaign where searching for essential utilities for IT professionals like Putty and Filezilla leads to malware laden ads, and you all know what I'm going to say about this. Don't click Google Ads. And finally, GitHub becomes a battlefield as cybercriminals exploit its search functionality to trick developers into downloading repositories full of malware. How can developers ensure the repositories they download from GitHub are safe and not just traps set by cybercriminals? All right, so at the end of February of this year, you may remember that Change Healthcare, which is a subsidiary of UnitedHealthcare, was the victim of a ransomware attack by the notorious and since disbanded ransomware group named Black Cat. Well, Change Healthcare finds itself in the crosshairs of a ransomware extortion scheme for the second time in just over a month, coming from a new ransomware group called Ransom Hub. There hasn't been a second attack. But this is believed to be a result of the exit scam that Black Cat pulled, where they kept all of the ransom payment that Change Healthcare had made. Allegedly, Optum, which is a subsidiary of Change Healthcare, paid Black Cat 22 million in ransom after the attack. Black Cat then pulled an apparent exit scam and disappeared without paying the affiliate who carried out the attack. And according to Qualys Cyber Threat Director Ken Dunham, it's not uncommon for companies that give in and pay these ransoms to quickly become additional targets or soft targets where their information is extorted again and again and again. Paying and giving into these ransomware artists might seem like a quick fix to your problems, but once you've proven that you will and can pay, they're gonna come after you again. The data doesn't just disappear or get deleted. It's very valuable, and in this case it's worth 22 million dollars, so even if the attackers say they're gonna delete it, maybe they won't and maybe they'll come hit you again. So even though Black Cat has disbanded, whether or not they were taken down by the FBI or performed an exit scam, The data that they pillaged from Change Healthcare is now in the hands, or supposedly in the hands, of a group called Ransomhub, which is extorting Change Healthcare all over again. IT professionals have found themselves at the crosshairs of an ongoing malvertising campaign. These attackers are using malicious Google Ads to disguise malware as popular system utilities, like Putty, which is a free SSH IntelNet client. And FileZilla, which is a FTP application. This research comes from Malwarebytes researcher Jerome Segura, and he points out that even after alerting Google about these malicious ads, the campaign continues unabated. This sophisticated scheme begins when IT administrators search for these utilities on Google. The top search results, or sponsored ads, lead them through a series of cloaking pages. These pages are designed to filter out non target traffic such as bots or security researchers, directing only potential victims to imitation sites. Unwittingly, when these IT administrators download what they believe to be legitimate software, they instead receive nitrogen malware, which is a dangerous software for cybercriminals, enabling them to infiltrate private networks or steal data, deploy ransomware attacks, and was used by the notorious Black Cat from the previous story. The method of infiltration is known as DLL sideloading, which involves the malware masquerading as a legitimate and signed executable to launch a DLL, thereby avoiding detection. So what this essentially means is these IT professionals are probably getting the tool, FileZilla, Putty, that they're looking for, The functionality might remain exactly the same, which only serves to benefit the attackers because once the IT professionals download the software, there's no indicators that it's incorrect or fake, but this software such as Putty or FileZilla will then launch a separate DLL, which is just an executable that contains the malware. So one way you can prevent this as someone downloading software from the web, is to find what's called an MD5 hash, which is essentially a signature of sorts that verifies the integrity of the file you've downloaded. Now, hashing isn't necessarily something we need to get into, Right now on this podcast, but all you need to know is it's sort of like math where you multiply the data from within this piece of software or do algebra or something to create this long string of characters. that can't be replicated if the files have been altered. So as soon as the files are altered, the mathematical equation puts out a different set of characters, right? So the creators of the software release this hash, they display it on their website, and then when you download the software, you run the same algorithm against that software to see if those two hashes match. Now I personally am guilty of Not always checking the hash for softwares. And I know a lot of other IT professionals are guilty of that as well, but it's time to set up a new good habit and consistently check these hashes, maybe even develop a web scraper that will go grab the hash and also run the software through it, comparing it, reducing the amount of work you have to do on the other end, but in summary, as I always say, do not click Google ads unless you absolutely have to, unless the thing you're searching for down below. Unless the thing you're specifically searching for is not in the search results below, and is only present in the advertisement, which will probably only be for things like thedailydecrypt. com, where I haven't been around long enough to boost my search result ranking naturally, so eventually maybe I'll start buying ad space, trying to get to people who are looking for the content that we're providing. But if you're going to download some software, there's no need to click the ads, especially something as popular as FileZilla or PuTTY, VS Code, whatever you're trying to download, go find it in the search results. Do not click the ad. And in a similar vein, let's talk about a scam on GitHub that's fooling developers into downloading dangerous malware. Cybercriminals are exploiting GitHub's search features, luring users into downloading fake yet seemingly popular repositories. This scheme has been identified to distribute malware hidden within Microsoft Visual Studio Code project files, which are cunningly designed to fetch further malicious payloads from remote URLs, as reported by checkmarks. So the attackers are mimicking popular repositories and employing automated updates and fake stars to climb GitHub's search rankings. So unlike Google, I don't believe there are ads you can buy in GitHub search to boost your search rankings. So attackers are becoming a little more creative. Making the repository look like it's consistently updated, helps boost the search rankings, and then naming the repositories, things that developers are constantly searching for will also help boost its rankings in its SEO. So since many of these repositories are disguised legitimate projects, it can be pretty tricky to identify them, but among the discoveries, some repositories were found downloading an encrypted file named feedbackapi. exe. which is an executable and is notably large at 750 megabytes. This executable is designed to bypass antivirus detection and deploy malware, similar to the Kizetsu Clipper, a notorious tool known for hijacking cryptocurrency transactions. And unlike softwares downloaded from the internet by clicking on Google ads in the previous story, there may or may not be hashes for these repositories. Most likely not. Sometimes if they're an executable or a package, they'll provide a hash. But if you're on the GitHub repository, you think it's legit, they might list the hash, but that's just the hash to their malware, giving you a false sense of security, just be extra vigilant when you're downloading anything to your computer, especially open source things that are generally found on GitHub, it can't be that hard to create. A thousand GitHub accounts, or maybe even you can buy them online. And that immediately gives your repo a thousand stars, making it look legitimate. So if you're looking for a tool, it's best to find it on the web within, from within a reputable website. GitHub search feature is not the most reliable. And that's all I've got for you today. Thanks so much for tuning in. Today I'll be traveling to Florida to Participate in the Hackspace conference where I'm really excited to learn a little bit more about how cybersecurity and satellites and other spacecraft intertwine. I'll also be meeting up with dogespan where we'll hopefully do a joint episode, our first ever one in person. So be sure to tune in tomorrow for that episode.

Today, we uncover a Roblox malware scam, explore the rise of FakeBat through malvertising, and highlight Tor's innovative WebTunnel for evading censorship. From the playful realms of Roblox to the frontlines of digital freedom with Tor, this episode is a journey through the evolving challenges and solutions in our online world. Protect your digital footprint and join the conversation on cybersecurity, privacy, and the relentless quest for a free internet. Article URLs: Roblox: https://www.zscaler.com/blogs/security-research/tweaks-stealer-targets-roblox-users-through-youtube-and-discord FakeBat: https://www.malwarebytes.com/blog/threat-intelligence/2024/03/fakebat-delivered-via-several-active-malvertising-campaigns TOR: https://www.bleepingcomputer.com/news/security/tors-new-webtunnel-bridges-mimic-https-traffic-to-evade-censorship/ Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Roblox, malware, cybersecurity, digital privacy, FakeBat, malvertising, Tor, WebTunnel, online security, internet censorship, gaming, digital rights, data protection, hacking, antivirus Search Phrases: How to protect against Roblox malware Understanding malvertising and FakeBat malware Tor's WebTunnel for bypassing internet censorship Latest cybersecurity threats 2024 Safe gaming practices for parents and children Fighting digital surveillance and censorship Effective antivirus and malware protection tips Digital privacy concerns in online platforms Strategies for secure internet browsing Overcoming hacking in gaming communities Enhancements in Tor for secure communication Detecting and preventing online ad-based malware Innovations in digital privacy and security Techniques for safeguarding personal data online Analysis of current cyber threats and solutions Transcript: Mar 14 [00:00:00] offsetkeyz: A nefarious malware targets Roblox users, tricking them with the false promise of enhanced gameplay, only to steal personal information. [00:00:12] HGF: Fake bat malware leaps from the shadows of online ads, preying on unsuspecting victims with the disguise of legitimacy. [00:00:20] offsetkeyz: Tor Project unveils WebTunnel, a masterstroke in digital disguise. Outmaneuvering censorship with a stealthy sophistication. In the digital playground of Roblox, a new villain lurks. Not in the game, but in the guise of a performance boost. [00:00:42] HGF: Oh, Roblox, where my niece says she's gonna be the next digital Picasso. But really, what is it? Just a bunch of blocky characters bumping into each other? [00:00:50] offsetkeyz: It's more than that. Roblox is a sprawling online platform that lets users design, play, and share their own games and experiences. Think of it as [00:01:00] a digital Lego set, but with infinite pieces and possibilities. [00:01:04] HGF: Infinite pieces? You're saying if I wanted to build a castle with a moat filled with laser sharks, I could? Mmm, [00:01:11] offsetkeyz: sharky. Absolutely! Roblox provides the tools and the canvas. Your imagination brings it to life! Roblox It's powered by a robust game development system that lets creators script events, design levels, and even monetize their creations. [00:01:27] HGF: Monetize? So kids are making bank on this? My lemonade stand suddenly seems less impressive. [00:01:34] offsetkeyz: Yep, gone of the days of lemonade stands. Some developers on Roblox earn serious money through in game purchases using a virtual currency called Robux. It's a whole economy. Roblox is a vibrant community with millions of user generated games. There's something for everyone, from obstacle courses and simulators, to role playing games and beyond. But here's the twist. Discovered by Zscaler's Threat [00:02:00] Labs, attackers are exploiting platforms like YouTube and Discord to distribute a malware called Tweaks, or Tweaker. It promises to optimize your frames per second, but instead it's a one way ticket to Hacksville. So, [00:02:15] HGF: it's like ordering a performance enhancing smoothie but ending up with a bellyache that steals your wallet? [00:02:21] offsetkeyz: Oh yeah, there are tummyache survivors out there. But this PowerShell based malware silently siphons off sensitive data. Think Wi Fi passwords, location, Roblox IDs, and even in game currency. Like [00:02:35] HGF: a digital pickpocket. But wait, PowerShell? Is that like a superhero power? [00:02:40] offsetkeyz: Quite. PowerShell is a scripting language for Windows, often used by system administrators for automation, but in our villain's hands, it becomes a tool for theft. [00:02:51] HGF: I see, so they're using PowerShell for evil. Got it. How bad is this [00:02:57] offsetkeyz: breach? Given Roblox's [00:03:00] massive user base, where 45 percent are under 13, the scale is concerning. It's not just gamers at risk, it's potentially their parents and even corporations, thanks to remote work blurring the lines between personal and professional devices. [00:03:15] HGF: Yikes, so my quest for smoother gameplay could put dad's spreadsheets in jeopardy? [00:03:21] offsetkeyz: Precisely! The attackers cleverly disguised their malicious intent, using legitimate looking videos and discord communities to spread tweaks. They even offer a free version to lure users into their trap. Free? [00:03:36] HGF: Sounds like the only thing free about it is the trip to hackerland. What can the good folks at home do to protect themselves? [00:03:43] offsetkeyz: The golden rule is stick to reputable sources for game enhancements, avoid disabling antivirus software for dubious downloads, and maintain skepticism towards too good to be true offers on social platforms. Got [00:03:57] HGF: it. Keep it legit or risk a cyber hit. [00:04:00] Any word from the digital knights at Zscaler? [00:04:03] offsetkeyz: Zscaler's Threat Labs is on the front line. Their sandbox technology uncovering the murky tactics and techniques of this malware campaign. It's a reminder of the constant cat and mouse game in cyber security. [00:04:15] HGF: So the moral of the story, if an FPS booth sounds too good to be true on Discord or YouTube, it probably is. [00:04:29] offsetkeyz: February saw a surge in search based malvertising. with Fakebat leading the charge. A cunning malware distributed through ads for popular software, which was reported by Malwarebytes on Tuesday. See the link in the show notes. [00:04:44] HGF: Fakebat? That sounds like a villain from a Saturday morning cartoon. So what, now I can't even click on things I search for with [00:04:51] offsetkeyz: Google? Remember, if you're searching for something specific, try not to click on the advertisement results. Anyone can buy these advertisement [00:05:00] spaces, and trick you into clicking them by impersonating the site you're trying to find. This malware has been impersonating brands like Parsec and FreeCAD. Both are cutting edge technologies in their respective fields. Like a wolf in sheep's [00:05:14] HGF: clothing. How do they even get these ads in front of people? [00:05:18] offsetkeyz: malvertising campaign gets creative., They've leveraged URL shorteners and even compromised legitimate websites, making these malicious ads appear trustworthy. Victims are lured into clicking, which kicks off a redirect chain ending in malware installation. Once installed, Fakebat reaches out to its command and control servers, putting victims data at risk. So, what's [00:05:41] HGF: the digital equivalent of locking our doors and windows? [00:05:44] offsetkeyz: The key is caution. Avoid clicking on ads for software downloads, and ensure your system's security measures are up to date. Utilizing tools like Threat Down DNS Filter can block malicious ads at the source, offering a layer [00:06:00] of protection. Got [00:06:01] HGF: it. Be skeptical of too good to be true ads and maybe invest in a cyber guard dog. How is Google dealing with this ad [00:06:09] offsetkeyz: apocalypse? The incidents have been reported to Google, highlighting the ongoing battle between security researchers and malvertisers. It's a digital cat and mouse game. with each side constantly evolving their strategies. [00:06:23] HGF: This actually happened to me when I was shopping for a pan at our place. It was like a website. I clicked on the sponsored one and it was like at our place. com and it almost got me, but the font looked a little bit off. Really? Yeah. I think I sent it to, this is like last year, but I'll never forget how identical to the site it looked, but everything was on super sale and it was like, hurry, act now. And they never do that. And I was like, Good [00:06:50] offsetkeyz: catch. I actually had a friend order shoes at my recommendation from my favorite shoe store called Vivo Barefoot. Except he went [00:07:00] and googled it, and it, the first one on Google was vivobarefootusa. com, and he actually ordered shoes from them. And never got [00:07:09] HGF: them. [00:07:10] offsetkeyz: And never [00:07:12] transition: Uh, uh, uh, uh, uh, uh. [00:07:24] offsetkeyz: The Tor Project has just unveiled their latest innovation, WebTunnel. A new bridge designed to camouflage Tor connections amidst regular HTTPS traffic, making it a formidable foe against censorship. Tor is all about privacy and overcoming digital barriers. Bridges in the Tor network are like secret pathways that aren't listed in the public directory, helping users connect without drawing attention. However, countries with tight censorship have gotten better at spotting these connections, Causes the need for WebTunnel, which disguises Tor traffic to look just like any other HTTPS web traffic.[00:08:00] This makes it much harder for these countries to block without also disrupting HTTPS connections, which are vital for a secure internet. How does this magic work? It's all about the art of disguise. WebTunnel wraps Tor's data packets in a layer that mimics WebSocket like HTTPS connections. To any observer on the network, it appears as if the user is simply visiting websites, making it difficult to distinguish and block Tor users specifically. And what about [00:08:29] HGF: those living under the watchful eye of Big Brother? Any luck for [00:08:33] offsetkeyz: them? That is the heart of the matter. WebTunnel proving to be effective in countries who govern internet usage, but some of them, like China and Iran, are figuring out ways to detect it. Tor recommends adding a layer of obfuscation using the OBFS4 protocol. [00:08:52] HGF: OBFS what? Sounds like something out of a spy novel. [00:08:56] offsetkeyz: Not far off, oBFS4, or as I like to [00:09:00] call it, the OB4 Skater, is a protocol designed to disguise internet traffic, making it difficult for third parties to determine what's being transmitted. This is crucial in places where censorship is rampant and access to information is restricted. [00:09:15] HGF: Hide and seek with your internet connection. If I'm in a country that's not too fond of free information, it's OBFS4 could be my ticket to [00:09:23] offsetkeyz: the wider world. Exactly, yeah. OBFS4 is a critical tool for those in oppressive regimes, offering a lifeline to unrestricted information. It exemplifies the ongoing battle for digital freedom, ensuring that the internet remains open and accessible to all. A lot of companies IT departments block Tor on their network. For good reason. So, the main purpose of the WebSocket is to allow citizens of oppressive regimes to Access the internet unrestricted, but I'm wondering what the implications will be for IT departments trying to detect [00:10:00] this type of traffic on their networks. It will blend in with everything else, which could open some, some floodgates for some activity. And that's all we've got for you today. Huge thanks to Hot Girl Farmer for joining us and delivering the news. And we will talk to you some more tomorrow.

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs "The Competition" Brave reduces its anti-fingerprinting protections CISA's proactive policing results one year later Longer Life For Samsung Updates Google Incognito Mode "Misunderstanding" Show Doc Not showing images on iOS Safari Generated AI Media Authentication Which computer languages to learn? Flashlight app subscription Google's Privacy Sandbox system Malware and IoT devices Protected Audience API vs. Malvertising Defensive computing Why ISPs don't do anything about DDoS attacks SpinRite Update Show Notes - https://www.grc.com/sn/SN-958-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: paloaltonetworks.com/ot-security-tco bitwarden.com/twit drata.com/twit kolide.com/securitynow

Cyber, Cyber… Raport powraca po wakacyjnej przerwie! Jest to specjalna edycja naszego podcastu, w której co tydzień opowiadamy o najważniejszych wydarzeniach z cyberprzestrzeni. Dzisiejszy odcinek prowadzą Kamil Gapiński i Piotr Kępski. Zapraszamy! Dzisiejsze tematy: Nietypowy atak na Okta; Źródło 2 Europol rozwiązuje infrastrukturę Ragnar Locker Dwie krytyczne podatności w oprogramowaniu urządzeń Cisco – wykryto ataki z More

Canadian music expert Alan Cross takes us through the history of bootleg music and gives us a sneak peek at his new true crime podcast, which will tell the stories of murder, extortion, and other crimes in the music industry. RUOK with Netflix? How about energy drinks? Can computer viruses be hidden in legitimate-looking ads? Hank the Hacker helps us understand Malvertising and other ways hackers will trick you into clicking a malicious link. HEY, DO YOU LIKE PODCASTS? Why not subscribe to ours? find it on Apple, Google, Spotify & Tune In

https://youtu.be/Io_lubfJgKE This week on the podcast, we discuss an alert from CISA on nation state threat actors embedding malware into legacy Cisco router firmware. After that, we cover a research post on malicious advertisements served up via Bing's ChatGTP integration. We then end with an analysis of North Korea's Lazarus group's latest social engineering techniques.

Welcome to this week's episode of the PEBCAK Podcast!  We've got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast PEBCAK - Acronym of “problem exists between chair and keyboard.”   New RSS Feed link: https://feed.podbean.com/pebcak/feed.xml   Find us on our newly launched YouTube channel: https://www.youtube.com/@pebcakpodcast Follow me on Mastodon: https://infosec.exchange/@Clouie   Google still allows phishing pages in ads https://www.bleepingcomputer.com/news/security/sneaky-amazon-google-ad-leads-to-microsoft-support-scam/   Flipper Zero https://shop.flipperzero.one/   UK reminds citizens its voter site is not a scam https://www.bleepingcomputer.com/news/security/uk-gov-keeps-repeating-its-voter-registration-website-is-not-a-scam/   Threat actors use beta apps to bypass app store checks https://www.bleepingcomputer.com/news/security/threat-actors-use-beta-apps-to-bypass-mobile-app-store-security/   Google will require two administrators to make critical organizational changes https://www.bleepingcomputer.com/news/google/google-workspace-will-require-two-admins-to-sign-off-on-critical-changes/   Russia / Ukraine https://thehill.com/policy/international/3649053-bill-clinton-pushes-back-on-critics-who-blame-nato-enlargement-for-russias-invasion/   Dad Joke of the Week (DJOW)   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Victor - https://www.linkedin.com/in/victordeluca/

Send us a Text Message.Today we will learn about a  new Fraud Campaign thats targeting Users in Mexico, a Phishing Service toolkit that's getting popular, a new attack on Kubernetes clusters, an AI based tool that is 93% accurate, Two Acquisitions in cybersecurity and a new regulation that impacts all the publicly listed companies in USASupport the Show.Google Drive link for Podcast content:https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnkoMy Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/Youtube Channnel : https://www.youtube.com/@TheCybermanShow Twitter handle https://twitter.com/prashant_cyber PS: The views are my own and dont reflect any views from my employer.

Sophos analyzes malvertising through purchased Google Ads. The MOVEit vulnerability is remediated faster than most. The DeliveryCheck backdoor is used against Ukrainian targets. SORM is under stress. Ukrainian police roll up another bot farm working in support of Russian influence operations. AJ Nash from ZeroFox provides insights on the White House cybersecurity labeling program. David Moulton from Palo Alto Networks Unit 42 introduces his new segment "Threat Vector." And we bid farewell to Kevin Mitnick. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/137 Selected reading. Bad ad fad leads to IcedID, Gozi infections (Sophos News) New research reveals rapid remediation of MOVEit Transfer vulnerabilities (Bitsight)  GRIT Ransomware Report-2023-Q2 (Guidepoint Security)  Russia's Turla hackers target Ukraine's defense with spyware (Record)  Russian Hackers Probe Ukrainian Defense Sector With Backdoor (Bank Info Security)  Russia's vast telecom surveillance system crippled by withdrawal of Western tech, report says (Record)  Ukraine's cyber police dismantled a massive bot farm spreading propaganda (Security Affairs) Kevin David Mitnick, August 6, 1963 - July 16, 2023. (Dignity Memorial)

Episode 203 of the Unsecurity Podcast is live!This week, Oscar and Brad sit down to discuss 'malvertising' and 'malverposting'.Links:“Malverposting” — With Over 500K Estimated Infections... https://labs.guard.io/malverposting-with-over-500k-estimated-infections-facebook-ads-fuel-this-evolving-stealer-54b03d24b349 Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

Hey, it's 5:05 on Tuesday, May 2nd. 2023. From The Sourced Podcast network in New York city, this is your host Pokie Huang. Stories in today's episode come from Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Ian Garrett in Arlington, Virginia, Olimpiu Pop in Transylvania, Romania and Marcel brown in St. Louis, Missouri. Let's get to it. Top 5 Most Dangerous New Cyberattacks for 2023

Heute mit: Deutsche Bahn, Matter, Malvertising, Stasi-Akten

Send us a Text Message.Welcome to The Cyberman Show. My name is Prashant Mishra. I am a full time #cybersecurity  expert with around 20 yrs of experience. I have experience of working with top cybersecurity companies where iI helped some of the biggest organizations across globe to solve cyber security issues faced by their IT systems. On this channel, you will learn about Cyber security from basics. I will take about #cyberattacks, hacks, cyber warfare, frauds, emerging tech, interesting startups, mergers and acquisitions, funding rounds etc. You can use this data to get a job, stay safe online and be cyber aware about the technology universe. Content of this channel will help you reduce your learning curve about cybersecurity and related technologies.LinkedIn: https://www.linkedin.com/in/prashantmishra11/PS: The views are my own and dont reflect any views from my employer.Support the Show.Google Drive link for Podcast content:https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnkoMy Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/Youtube Channnel : https://www.youtube.com/@TheCybermanShow Twitter handle https://twitter.com/prashant_cyber PS: The views are my own and dont reflect any views from my employer.

Bob Carver CISM, CISSP, M.S. began his security career working in the financial industry. Later, Bob became the first full-time security employee hired to start the dedicated security monitoring and incident response team for Verizon Wireless. He has been involved in cyber risk management, policy, threat intelligence, and analytics. He was recognized by LinkedIn as one of the Top 5 Influencers in the World to follow in Cybersecurity. Most recently, he was on the expert panel for CES (Consumer Electronics Show) in Las Vegas discussing "Focusing on Security in Product Innovation." 00:00 Introduction 00:18 Our Guest 01:47 Bobs Beginning 05:02 How did Bob land his position at Verizon? 08:00 Budget issues 11:02 Why are companies so ineffective with Cybersecurity? 13:38 Cyber professionals not addressing business security implications 18:40 Malvertising 21:31 Not downloading everything off the internet 26:15 Curing your problems with a tool 28:26 Budgeting: Where should you prioritize? 32:22 ChatGPT 33:47 Cyber Insurance 37:29 Multifactor Authentication 43:06 File Storing System 45:48 Modern-day Bonnie and Clyde 47:43 Connecting with Bob ---------------------------------------------------------------------- Bobs video on Malvertising: https://www.linkedin.com/feed/update/urn:li:activity:7029053209889411072/ Bob's Twitter: @cybersecboardrm Bob's LinkedIn https://www.linkedin.com/in/bobcarver/ To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com ---------------------------------------------------------------------- SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: @securityconfidential and @OfficialDarkRhinoSecurity Facebook: @Dark-Rhino-Security-Inc Twitter: @darkrhinosec LinkedIn: @dark-rhino-security Youtube: @Dark Rhino Security ​ --------------------------------------------------------------------- Articles Mentioned: https://cybermagazine.com/cyber-security/executive-profile-bob-carver-verizon-wireless https://www.wired.com/2005/02/paris-hilton-hacked-or-not/

This week on Hacker And The Fed we discuss how Search Engine Ads are being used to spread malware through "malvertising". We also cover the impact of a breach involving data for over 20,000 individuals stolen from a firm that aggregates public records and sells background checks online. -- For more information on Chris and his current work visit naxo.com Follow Hector @hxmonsegur

A recap of Samsung's S23 launch event and hands on with the new devices; MLS Season Pass on Apple TV App; ChatGPT launches a $20 paid version; Malvertising on Google search; Netflix gives some hints on how it will crack down on password sharing; how to enable Gmail package tracking.Guests are Jacklyn Dallas from Nothing But Tech to talk about Samsung S23 impressions; creator Brian Tong to discuss how the new HomePod sounds; True App CEO Bret Cox explains why his app makes a great alternative to Facebook.Follow Rich:richontech.tvMentioned:https://raindrop.io/richontech/rich-on-tech-2-4-23-31350114See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

0:00 i can do this all day 0:10 YouTube Shorts ad revenue sharing 1:34 AMD 'undershipping' CPUs, GPUs 2:43 Multiple Twitter things 4:14 MANSCAPED 4:51 QUICK BITS 5:03 Netflix anti-pasword sharing 5:39 Malvertising 6:20 Xbox 360 isn't shutting down 7:07 Overwatch 2 punishing cheaters' buddies 7:38 CHINESE SPY BALLOON!! News Sources: https://lmg.gg/Y5aHZ

Dan talks about his journey from marketing to data privacy. He is on a mission to protect consumers from invasive media. He shares his personal story about being tracked online and how the hyper targeting he was victim of started him on his journey to Boltive. He elaborates on the anti malware software and why it is still a part of the cybersecurity world. Dan than expands on the anti Malvertising that Boltive is built around. The bad actors that use malvertising are looking more legit and many consumers can't distinguish between the two. He talks about the current driver in data privacy laws and how the technology is struggling to keep up with the regulations. Businesses need to be wary of overconfidence in being prepared for compliance on the new privacy laws. Audits are showing many are still vulnerable due to lax in vendor checks and other factors.   Connect with Dan: https://www.linkedin.com/in/frechtling/ Visit Boltive: https://www.boltive.com/   Visit Short Arms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/@shortarmsolutions   Twitter: https://twitter.com/ShortArmSAS

Dan talks about his journey from marketing to data privacy. He is on a mission to protect consumers from invasive media. He shares his personal story about being tracked online and how the hyper targeting he was victim of started him on his journey to Boltive. He elaborates on the anti malware software and why it is still a part of the cybersecurity world. Dan than expands on the anti Malvertising that Boltive is built around. The bad actors that use malvertising are looking more legit and many consumers can't distinguish between the two. He talks about the current driver in data privacy laws and how the technology is struggling to keep up with the regulations. Businesses need to be wary of overconfidence in being prepared for compliance on the new privacy laws. Audits are showing many are still vulnerable due to lax in vendor checks and other factors.   Connect with Dan: https://www.linkedin.com/in/frechtling/ Visit Boltive: https://www.boltive.com/   Visit Short Arms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/@shortarmsolutions   Twitter: https://twitter.com/ShortArmSAS

Luna Moth's callback phishing offers an unpleasant and less familiar form of social engineering. New activity by China's Mustang Panda is reported. DEV0569 is using malvertising to distribute Royal ransomware. US indicts 10 in a business email compromise case. Developing a cyber auxiliary. Dave Bittner sits down with AJ Nash from ZeroFox to discuss holiday scams. Our own Rick Howard speaks with us about cloud security. And beware of Black Friday scams. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/223 Selected reading. Threat Assessment: Luna Moth Callback Phishing Campaign (Unit 42)  DEV-0569 finds new ways to deliver Royal ransomware, various payloads (Microsoft Security)  Earth Preta Spear-Phishing Governments Worldwide (Trend Micro)  EXCLUSIVE: Rounding up a cyber posse for Ukraine (The Record by Recorded Future)  Tech for good: How the IT industry is helping Ukraine (Computing)  10 Charged in Business Email Compromise and Money Laundering Schemes Targeting Medicare, Medicaid, and Other Victims (US Department of Justice)  Black Friday and Cyber Monday risks. (CyberWire)

Ben talks with Matt Gillis, CEO of Clean.io about advertising challenges and abuse. What does malvertising look like today and how has Covid affected it? Matt and Ben discuss in detail the relative increase in malvertising since the online traffic surge that came with the pandemic. Matt discloses how Clean.io prevents malvertising in real time. Show NotesConnect With: Matt Gillis: Website // LinkedInThe MarTech Podcast: Email // Newsletter // TwitterBenjamin Shapiro: Website // LinkedIn // TwitterSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Ben talks with Matt Gillis, CEO of Clean.io about advertising challenges and abuse. What does malvertising look like today and how has Covid affected it? Matt and Ben discuss in detail the relative increase in malvertising since the online traffic surge that came with the pandemic. Matt discloses how Clean.io prevents malvertising in real time. Show NotesConnect With: Matt Gillis: Website // LinkedInThe MarTech Podcast: Email // Newsletter // TwitterBenjamin Shapiro: Website // LinkedIn // TwitterSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Today, Matt Gillis, CEO of Clean.io talks with Ben about advertising malpractice and how it affects your revenue. Bad advertising practices can even limit or block your flow of subscribers. How can you protect your business? Ben and Matt discuss how malvertising works and what Clean.io does to prevent it. Show NotesConnect With: Matt Gillis: Website // LinkedInThe MarTech Podcast: Email // Newsletter // TwitterBenjamin Shapiro: Website // LinkedIn // TwitterSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Today, Matt Gillis, CEO of Clean.io talks with Ben about advertising malpractice and how it affects your revenue. Bad advertising practices can even limit or block your flow of subscribers. How can you protect your business? Ben and Matt discuss how malvertising works and what Clean.io does to prevent it. Show NotesConnect With: Matt Gillis: Website // LinkedInThe MarTech Podcast: Email // Newsletter // TwitterBenjamin Shapiro: Website // LinkedIn // TwitterSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

To deliver malware, threat actors depend on techniques like phishing and malvertising, but malvertising doesn't get as much visibility.  To address this imbalance, we've invited Chance Tudor, an official “Threat Hunter” in the Infoblox threat research group, to talk about his recent work uncovering the Omnatour Malvertising network, an unusually large and persistent threat delivery system.  Our discussion will focus on the behind-the-scenes investigation work, starting with how they even knew a threat even needed to be investigated. Tune in to the live broadcast on LinkedIn and Facebook every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.

Ryan Kovar from Splunk sits down with Dave to discuss their findings in "Truth in Malvertising?" that contradict the LockBit group's encryption speed claims. Splunk's SURGe team recently released a whitepaper, blog, and video that outlined the encryption speeds of 10 different ransomware families. During their research they cam across Lockbit doing the same thing. After completing the research, the researchers came back to test the veracity of LockBit's findings. The research showed three interesting finds. The first find showed that LockBit's fastest and slowest samples were closely aligned between the tests, but the other results were very different. They also found that LockBit continues to be the fastest ransomware, but LockBit 2.0 was more efficient yet slower than its previous counterpart, LockBit 1.0. Lastly, once ransomware gets to the point of encrypting your systems, it's too late. The research can be found here: Truth in Malvertising?

Ryan Kovar from Splunk sits down with Dave to discuss their findings in "Truth in Malvertising?" that contradict the LockBit group's encryption speed claims. Splunk's SURGe team recently released a whitepaper, blog, and video that outlined the encryption speeds of 10 different ransomware families. During their research they cam across Lockbit doing the same thing. After completing the research, the researchers came back to test the veracity of LockBit's findings. The research showed three interesting finds. The first find showed that LockBit's fastest and slowest samples were closely aligned between the tests, but the other results were very different. They also found that LockBit continues to be the fastest ransomware, but LockBit 2.0 was more efficient yet slower than its previous counterpart, LockBit 1.0. Lastly, once ransomware gets to the point of encrypting your systems, it's too late. The research can be found here: Truth in Malvertising?

Ben talks with Matt Gillis, CEO of Clean.io about advertising challenges and abuse. What does malvertising look like today and how has Covid affected it? Matt and Ben discuss in detail the relative increase in malvertising since the online traffic surge that came with the pandemic. Matt discloses how Clean.io prevents malvertising in real time. Show NotesConnect With: Matt Gillis: Website // LinkedInThe MarTech Podcast: Email // Newsletter // TwitterBenjamin Shapiro: Website // LinkedIn // TwitterSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.