While the effectiveness of this feature is yet to be verified by security researchers or Google, the existence of similar claims by another malware suggests that there may be an exploitable vulnerability in session cookies.
Nov 17, 2023NewsroomMalvertising / Malware Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. “The malicious advertisement directs the user to a compromised WordPress […]
Google announced on Monday that it’s taking legal action against cybercriminals who delivered malware through websites that told users they could download Bard, the tech giant’s chat-based AI tool. The company filed a lawsuit against what it described as “AI scammers”. The threat actor set up social media pages and ran ads promoting websites where […]
Google on Tuesday announced the release of Chrome 119 to the stable channel with patches for 15 vulnerabilities, including 13 reported by external researchers. Three of the externally reported bugs have a severity rating of ‘high’, and are described as inappropriate implementation in Payments (CVE-2023-5480), insufficient data validation in USB (CVE-2023-5482), and integer overflow in […]
Google Chrome’s new feature, HTTPS-Upgrades, automatically upgrades insecure HTTP requests to HTTPS requests. This will help secure old links and prevent snooping on connections to steal sensitive data.
Mozilla and Google this week announced software updates for Firefox and Chrome that address multiple high-severity vulnerabilities, including memory safety bugs. On Tuesday, Mozilla released Firefox 119 with patches for 11 vulnerabilities, including three high-severity issues. The first of the flaws, CVE-2023-5721, is an insufficient activation-delay bug that could result in the user unintentionally activating […]
Google has bolstered the security of Android devices with a significant update to Google Play Protect. According to the tech giant, this development is in response to the growing prevalence of cyber-threats targeting mobile devices. Google Play Protect is an existing security feature that scans approximately 125 billion apps daily for malware and unwanted software. […]
In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain. We believe this evolution will have a real world impact among corporate users getting compromised via malicious ads eventually leading to the […]
Internet infrastructure providers Google Cloud, Cloudflare and Amazon Web Services have reported the largest ever distributed-denial-of-service (DDoS) attacks. The DDoS attacks were reported on October 10, with the cloud service providers noting that the attacks were part of a mass exploit of a zero-day vulnerability. The DDoS attacks themselves started during August and are still […]