SANS Reveals Top 5 Most Dangerous Cyberattacks for 2023
Expert instructors from the SANS Institute here yesterday detailed what they cite as the most dangerous forms of cyberattacks for 2023. Some of the key themes bubbling to the surface included the intersection of AI with attack patterns and the ways that attackers are taking advantage of highly flexible development environments. “This is my favorite…
How to Defend Against Malvertising Drive-By Attacks
Many longtime internet users will remember receiving pop-up ads warning that their computers were infected with a virus. In nearly all cases, the ad’s specific claims were bogus; the purpose was to scare users into paying for a questionable tech support service or to drive them to a site that would actually infect them with…
Steganography: A Safe Haven for Malware
Steganography, or the practice of concealing a file, message, image or video within another file, message, image or video, may be an older technique, but it continues to be an incredibly versatile and effective method for obscuring or hiding information in plain sight. In 2017, IBM X-Force has identified three different malware samples in network…
A look back at the Zyns iframer campaign
We often get asked about drive-by download attacks, how they work, and specifically about what sites people may have visited just prior to getting infected. This is an interesting aspect when tracking campaigns and what they lead to. Typically, one can divide the drive-by landscape into two categories: malvertising and compromised websites. The former involves legitimate websites…
Tech support scammers abuse bug in HTML5 to freeze computers
One of the primary vectors for the distribution of tech support scams is malvertising. You’ll simply be browsing the web when all of a sudden your browser shows a scary page claiming your computer is infected. Behind the scenes, an unscrupulous ad network usually lets a malicious actor push a malicious code snippet instead of…
Google Adwords Malvertising Campaign Targets Apple Macs
Apple Mac owners using the Google search engine may have been infected via malicious ads at the tip-top of their search results last week after attackers launched a malvertising campaign against Google Adwords. In an act of gumption or plain cheek, the attackers’ malicious lure of choice was a phony ad for one of Google’s…