Advertising and Cybersecurity - Cyber Security Informer

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

JANUARY 15, 2025

Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads. This earned Google a whopping $175 billion in search-based ad revenues in 2023.

Advertising

Advertising Accountability Phishing Scams

Fake bank ads on Instagram scam victims out of money

Malwarebytes

JUNE 18, 2025

Doublecheck the advertiser account: BleepingComputer found that the advertiser accounts running the fake ads on Instagram only had pages on Facebook, not on Instagram itself. Stay informed: Keep up to date with the latest scam tactics and security advice from your bank and reputable cybersecurity sources.

Banking

Banking Scams Advertising Media

SYS01 Infostealer Campaign Exploits Meta Ads to Target Millions Worldwide

Penetration Testing

NOVEMBER 2, 2024

In a world increasingly dependent on online advertising, cybercriminals have seized an opportunity to exploit Meta’s vast advertising ecosystem.

Advertising

Advertising Cybersecurity Malware

Everything You Need to Know about the Malvertising Cybersecurity Threat

Tech Republic Security

OCTOBER 29, 2024

Malvertising is a shortened mash-up of “malicious advertising.” These malicious ads are difficult to detect, and are served to internet users using legitimate advertising networks and publishing platforms, such as the Google Search Network.

Advertising

Advertising Cybersecurity Internet Internet

DeepSeek users targeted with fake sponsored Google ads that deliver malware

Malwarebytes

MARCH 26, 2025

In this case, they certainly put a lot more effort into creating the fake website which the advertisement linked to: Its different from the real website, but it looks convincing, nonetheless. The advertisers name is not in Chinese characters by the way. The language in which the advertiser’s name is written is Hebrew: .

Artificial Intelligence

Artificial Intelligence Advertising Malware Risk

Podcast: The Cyberwar with Iran

Doctor Chaos

JUNE 25, 2025

Listen direclty on SoundCloud here: [link] Podcast Recent Posts See All Podcast: Unpacking Cybersecurity Careers Podcast: What Really Grinds My Gears Podcast: Olympus Has Fallen Dr. Chaos Dark Security and Total Chaos Blog HOME CONTACT US MEDIA LINKS AAMIR LAKHANI More Use tab to navigate through the menu items.

Google Cybersecurity Action Team Threat Horizons Report #9 Is Out!

Anton on Security

FEBRUARY 7, 2024

. — this may not be new, but this matters for new reasons in the cloud] “Threat actors targeting cloud environments began prioritizing data exfiltration over data encryption and stolen data advertisements grew in 2023, as threat actors demonstrated an increased focus on publicly releasing exfiltrated data from multiple cloud providers.” [ A.C. — ransomware

Cybersecurity

Cybersecurity Ransomware Passwords Cryptocurrency

Repeat offenders drive bulk of tech support scams via Google Ads

Malwarebytes

DECEMBER 3, 2024

We’ve identified specific advertiser accounts that make up the bulk of fraudulent ads we have reported to Google this past year. For instance, one advertiser had over 30 reported incidents in the past 3 months. It’s unclear why Google has not taken definitive action on the advertiser profiles we have reported.

Scams

Scams Advertising Accountability Engineering

Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets

The Hacker News

MAY 27, 2025

Cybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe victims into downloading a remote access trojan called Venom RAT.

Antivirus

Antivirus Advertising Software Cybersecurity

UK Government to Launch PR Campaign Undermining End-to-End Encryption

Schneier on Security

JANUARY 18, 2022

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!” ” rhetoric we’re seeing in this current wave of the crypto wars.

Encryption

Encryption Government Advertising Marketing

Android devices track you before you even sign in

Malwarebytes

MARCH 12, 2025

As the company behind the Android Operating System (OS), the Google Play Store, the most popular search engine in the world, and part of the leading company in digital advertising (Alphabet), Google has obtained a position where it would be hard not to profit from. Ever considered not telling them who I am?

Advertising

Advertising Accountability Marketing Engineering

Translating Deep Cybersecurity Knowledge into Media Opportunities

SecureWorld News

APRIL 21, 2025

You've built your cybersecurity business on years of solid technical expertise. This is especially true for cybersecurity businesses, where trust and legitimacy are essential but hard-won. Also, it's important to remember that most journalists covering cybersecurity often don't have deep technical backgrounds themselves.

Media

Media Cybersecurity Marketing Healthcare

CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users

The Hacker News

MAY 14, 2025

This campaign specifically aims at hijacking high-value accounts, including those managing advertising and official brand pages. Cybersecurity researchers at CTM360 revealed that attackers behind Meta Mirage impersonate official Meta communications, tricking users into handing

Phishing

Phishing Advertising Accountability Cybersecurity

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month. The malware can collect cookies, logins and browsing history, but from Safari only cookies can be collected.

Malware

Malware Advertising Antivirus Cybercrime

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. The bulletproof hosting provider BEARHOST. This screenshot has been machine-translated from Russian.

Malware

Malware Antivirus DDOS Software

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.

Advertising

Advertising Cybercrime System Administration Hacking

Patch now! New Chrome update for two critical vulnerabilities

Malwarebytes

OCTOBER 30, 2024

That means that a victim’s device could be compromised just by visiting a malicious website or advertisement. We don’t just report on threats—we remove them Cybersecurity risks should never spread beyond a headline. This vulnerability, tracked as CVE-2024-10487 , can be used by cybercriminals as a drive-by download.

Spyware

Spyware Architecture Advertising Engineering

Empowering Women in Cybersecurity: Insights from ISC2's Latest Study

SecureWorld News

APRIL 9, 2025

The cybersecurity landscape is witnessing a transformative shift, with an increasing number of women entering the field through non-traditional pathways. A recent study by ISC2 highlights this trend, revealing how diverse educational backgrounds and experiences are enriching the cybersecurity workforce.

Cybersecurity

Cybersecurity Education InfoSec Government

Election season raises fears for nearly a third of people who worry their vote could be leaked

Malwarebytes

OCTOBER 15, 2024

According to new research from Malwarebytes, people see this election season as a particularly risky time for their online privacy and cybersecurity. The electoral process is (forgive us) a lot like cybersecurity: It scares people, it’s hopelessly baroque, and, through a lack of participation, it can produce unwanted results.

Scams

Scams Identity Theft Cybercrime Accountability

1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products

Malwarebytes

NOVEMBER 1, 2024

SEO poisoning is a technique employed by cybercriminals to manipulate search engine results, making harmful websites or advertisements appear at the top of search results. Did the advertisement you clicked on take you to the expected web shop? So, what can consumers do to stay safe?

Phishing

Phishing Advertising Engineering Risk

GhostGPT: A Malicious AI Chatbot for Hackers

Security Boulevard

JANUARY 24, 2025

A malicious generative AI chatbot dubbed "GhostGPT" is being advertised to cybercriminals on underground forums as a tool for more quickly and efficiently creating malware, running BEC attacks, and other nefarious activities, lowering the barrier for less-skilled hackers to launch attacks.

Advertising

Advertising Malware Social Engineering Security Awareness

Root Access Unlocked: Public PoC Exposes GlobalProtect macOS Privilege Escalation Flaw

Penetration Testing

JUNE 11, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Penetration Testing

Penetration Testing VPN DDOS Advertising

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix

Penetration Testing

JUNE 10, 2025

Skip to content June 11, 2025 Linkedin Twitter Facebook Youtube Daily CyberSecurity Primary Menu Home Cyber Security Cybercriminals Data Leak Linux Malware Attack Open Source Tool Technology Vulnerability Submit Press Release Search for: Home News Vulnerability Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9

Penetration Testing

Penetration Testing DDOS Advertising Technology

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

The Last Watchdog

MAY 15, 2025

Yet despite their importance, many lack the cybersecurity expertise and resources to fend off a rising tide of digital threats. Proactive Protection Without Breaking the Bank Its a myth that only large budgets can deliver meaningful cybersecurity. For small businesses, smart prioritization is key.

Small Business

Small Business Cybercrime Cyber Insurance Phishing

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. Remember that just last year a widespread IT outage grounded flights globally, cementing the relationship between companies, cybersecurity, and everyday people. Uhh, again, that is. Heres what we might expect.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Penetration Testing

JUNE 9, 2025

These incidents are part of a broader trend where cybersecurity vendors themselves are becoming targets due to their deep visibility into client environments and defensive capabilities. Support independent cybersecurity journalism. If this article helped you, please share it with others who might benefit. Every contribution matters.

Penetration Testing

Penetration Testing Advertising Cybersecurity DNS

Is nowhere safe from AI slop? (Lock and Code S05E27)

Malwarebytes

DECEMBER 30, 2024

There are AI-generated childrens books being advertised relentlessly on the Amazon Kindle store. License [link] Outro Music: Good God by Wowa (unminus.com) Listen upMalwarebytes doesnt just talk cybersecurity, we provide it. But little of that has mattered, as AI slop has continued to slosh about online.

Accountability

Accountability Advertising Media Government

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

With the right cybersecurity practices, everyday Mac users can stay safe from these emerging threats. The developers ran a holiday promotion seriously and even released an AMOS update that would better obfuscate the info stealer from being detected by cybersecurity software.

Malware

Malware Software Passwords Cryptocurrency

PayPal’s “no-code checkout” abused by scammers

Malwarebytes

FEBRUARY 27, 2025

Overview Scammers are creating ads impersonating PayPal from various advertiser accounts that may have been hacked. This is not a coincidence of course, and is why search advertising is worth billions of dollars. We dont just report on phone securitywe provide it Cybersecurity risks should never spread beyond a headline.

Scams

Scams Mobile Small Business Advertising

Google Reverses Third-Party Cookie Phaseout, Privacy Sandbox Relegated to Support Role

Penetration Testing

APRIL 23, 2025

Currently, the industry widely relies on cookie technology to store user data, and advertising networks use cookies to The post Google Reverses Third-Party Cookie Phaseout, Privacy Sandbox Relegated to Support Role appeared first on Daily CyberSecurity.

Advertising

Advertising Technology Cybersecurity

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Penetration Testing

JUNE 20, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Passwords

Passwords Accountability Penetration Testing Firewall

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Boulevard

MARCH 21, 2025

Make sure your organization is aware of and prepared for the complex cybersecurity risks that emerge when you mix AI and the cloud. Stewards should help scale and standardize cybersecurity practices and processes throughout the open source ecosystem. Dive into six things that are top of mind for the week ending March 21.

Risk

Risk IoT Cybersecurity Manufacturing

WAGO Device Manager Vulnerabilities Expose Critical Industrial Infrastructure to Remote Exploits

Penetration Testing

JUNE 17, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Firmware

Firmware Penetration Testing Manufacturing Advertising

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITYSYSTEM

Penetration Testing

JUNE 12, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Penetration Testing

Penetration Testing Advertising Firmware DDOS

1 in 10 people do nothing to stay secure and private on vacation

Malwarebytes

MARCH 17, 2025

This year, Spring Break vacationers are packing more than their flip-flops, bucket hats, and sunglassestheyre also packing a few cybersecurity anxieties for the trip. But as more apps help with traveling needs, more opportunities arise for those apps to be falsely emulated and maliciously advertised online.

Passwords

Passwords VPN Scams Backups

Google Patches 23-Year-Old Chrome Vulnerability That Leaked Browsing History

Penetration Testing

APRIL 8, 2025

A recently patched vulnerability by Google theoretically affects all browsers and could allow online advertisers to infer users browsing historiesthereby enabling the delivery of targeted ads. The exploit is deceptively simple.

Advertising

Advertising Cybersecurity

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Penetration Testing

JUNE 15, 2025

Skip to content June 16, 2025 Linkedin Twitter Facebook Youtube Daily CyberSecurity Primary Menu Home Cyber Criminals Cyber Security Data Leak Linux Malware Vulnerability Submit Press Release Vulnerability Report Windows Search for: Home News Vulnerability Report Critical Blink Router Flaws (CVSS 9.8) Every contribution matters.

Firmware

Firmware DNS Penetration Testing Advertising

News alert: Halo Security’s attack surface management platform wins MSP Today’s top award

The Last Watchdog

JUNE 18, 2025

Founded by cybersecurity experts with backgrounds at McAfee, Intel, Kenna Security, OneLogin, and WhiteHat Security, Halo Security delivers a unique attacker-based approach to help organizations safeguard against potential threats. Each recipient is a verifiable leader in the marketplace. Users can learn more at www.tmcnet.com.

Penetration Testing

Penetration Testing Technology Media Marketing

Breaking the Zeppelin Ransomware Encryption Scheme

Schneier on Security

NOVEMBER 21, 2022

A company offered recovery services based on this break, but was reluctant to advertise because it didn’t want Zeppelin’s creators to fix their encryption flaw. The company also used that same donated infrastructure to help victims decrypt their data using the recovered keys. Technical details.

Encryption

Encryption Ransomware Advertising Cybersecurity

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

NOVEMBER 12, 2024

This makes the information a treasure trove for advertisers, insurance companies, and Big Pharma. We don’t just report on threats—we remove them Cybersecurity risks should never spread beyond a headline. All of this makes it very understandable that customers of Atlas Biomed are worried about where their data might end up.

Insurance

Insurance Accountability Risk Data breaches

Application and AI roundup - May

Adam Shostack

JANUARY 2, 2025

Application Security FDA Warns of Cybersecurity Vulnerabilities in Certain DNA Sequencing Devices explains that Illuminas DNA sequencer can be accessed without a password. In her cybersecurity roundup where I saw both of those, Violet Blue asks the same question: How do medical research devices get made without passwords?

Passwords

Passwords Encryption Risk Advertising

Dark web threats and dark market predictions for 2025

SecureList

DECEMBER 16, 2024

In 2024, our expert observations indicate that commercial advertising for these cryptors have indeed gained momentum. Not every data breach advertisement on the dark web is the result of a genuinely serious incident. The primary purpose of these tools is to render the code undetectable by security software.

Marketing

Marketing Data breaches Cryptocurrency Malware

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J. Awareness and vigilance.

Scams

Scams Social Engineering Phishing Mobile

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Fake bank ads on Instagram scam victims out of money

Trending Sources

SYS01 Infostealer Campaign Exploits Meta Ads to Target Millions Worldwide

Everything You Need to Know about the Malvertising Cybersecurity Threat

DeepSeek users targeted with fake sponsored Google ads that deliver malware

Podcast: The Cyberwar with Iran

Google Cybersecurity Action Team Threat Horizons Report #9 Is Out!

Repeat offenders drive bulk of tech support scams via Google Ads

Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets

UK Government to Launch PR Campaign Undermining End-to-End Encryption

Android devices track you before you even sign in

Translating Deep Cybersecurity Knowledge into Media Opportunities

CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users

Banshee macOS stealer supports new evasion mechanisms

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Meet the Administrators of the RSOCKS Proxy Botnet

Patch now! New Chrome update for two critical vulnerabilities

Empowering Women in Cybersecurity: Insights from ISC2's Latest Study

Election season raises fears for nearly a third of people who worry their vote could be leaked

1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products

GhostGPT: A Malicious AI Chatbot for Hackers

Root Access Unlocked: Public PoC Exposes GlobalProtect macOS Privilege Escalation Flaw

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

New AI “agents” could hold people for ransom in 2025

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Is nowhere safe from AI slop? (Lock and Code S05E27)

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Macs targeted by info stealers in new era of cyberthreats

PayPal’s “no-code checkout” abused by scammers

Google Reverses Third-Party Cookie Phaseout, Privacy Sandbox Relegated to Support Role

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

WAGO Device Manager Vulnerabilities Expose Critical Industrial Infrastructure to Remote Exploits

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITYSYSTEM

1 in 10 people do nothing to stay secure and private on vacation

Google Patches 23-Year-Old Chrome Vulnerability That Leaked Browsing History

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

News alert: Halo Security’s attack surface management platform wins MSP Today’s top award

Breaking the Zeppelin Ransomware Encryption Scheme

DNA testing company vanishes along with its customers’ genetic data

Application and AI roundup - May

Dark web threats and dark market predictions for 2025

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

Stay Connected