Amazon and Audible flooded with ‘forex trading’ and warez listings

November 20, 2024 at 08:49AM
Amazon, Amazon Music, and Audible have experienced an influx of fake listings promoting dubious forex trading sites, pirated software, and spammy links. These listings, including zero-second audio episodes, exploit the platforms for SEO manipulation. The issue highlights a broader problem of spam in digital content distribution.

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

November 12, 2024 at 05:57AM
A targeted campaign leveraging SEO poisoning delivers GootLoader malware to users searching for Bengal cat legality in Australia. Victims encounter compromised sites, leading to malware installations via ZIP archives. Recent tactics have shifted towards fake PDF converters instead of legal terms, broadening the potential target audience.

Gootloader Cyberattackers Target Bengal-Cat Aficionados in Oz

November 8, 2024 at 12:05PM
Recent research indicates that cybercriminals are targeting Australians interested in Bengal cats using Gootloader malware. By optimizing search results related to Bengal cat legality, they trick users into downloading malicious files. Sophos warns of rising attacks utilizing this method, urging users to be cautious of suspicious links and downloads.

Cybercrooks are targeting Bengal cat lovers in Australia for some reason

November 6, 2024 at 04:51PM
Sophos reports that the Gootloader malware, known for SEO poisoning tactics, targets niche victims, including Australian Bengal cat enthusiasts. As an infostealer or malware dropper, it exploits search queries to deliver malicious payloads. The use of malvertising is rising, connecting cybercrime to ransomware operations, prompting action from cybersecurity agencies.

Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack

September 4, 2024 at 01:42AM
A new malware campaign is using a spoofed version of Palo Alto Networks’ GlobalProtect VPN software to distribute the WikiLoader malware through an SEO campaign. The malware campaign is a shift from previous tactics and involves malicious activities such as delivering malware via fake GlobalProtect download pages and anti-analysis checks …

Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variant

September 3, 2024 at 02:43PM
Cybercriminals are posing as sellers of GlobalProtect VPN software from Palo Alto Networks and spreading a new variant of WikiLoader malware through SEO poisoning. The malware, known as WailingCrab, is traditionally spread through phishing and compromised websites. This campaign, discovered by Palo Alto’s Unit 42 team, has targeted US higher …

GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

July 5, 2024 at 05:56AM
Cybereason reported that the GootLoader malware, linked to threat actor Hive0127, continues to evolve, with the latest version being GootLoader 3. It is distributed via SEO poisoning and serves as a conduit for delivering various payloads. The attackers have also unleashed their own command-and-control tool, expanding their market for financial …

Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework

June 19, 2024 at 03:17AM
The Void Arachne campaign targets Chinese-speaking users with malicious Windows Installer (MSI) files containing legitimate software bundled with malicious Winos payloads. The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as AI voice and facial technologies. The threat actors use SEO poisoning tactics …

Google’s new AI search results promotes sites pushing malware, scams

March 25, 2024 at 12:11PM
Google Search Generative Experience (SGE) is an AI feature providing quick summaries for search queries but is recommending spam and malicious websites, making it easier for users to fall for scams. These sites promote unwanted browser extensions, fake iPhone giveaways, tech support scams, and push notifications for spam and affiliate …

Hackers exploit 14-year-old CMS editor on govt, edu sites for SEO poisoning

February 26, 2024 at 03:05PM
Threat actors are exploiting an outdated CMS editor to compromise education and government entities worldwide. Attackers abuse open redirects for phishing, distributing malware, or scamming users while appearing to originate from legitimate domains. The campaign targets educational institutions, government, and corporate sites, using the outdated FCKeditor plugin. The compromised instances …