Advertising, Cybersecurity and Malware - Cyber Security Informer

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. A fake browser update page pushing mobile malware. The bulletproof hosting provider BEARHOST. Image: Intrinsec.

Malware

Malware Antivirus DDOS Software

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

JANUARY 15, 2025

Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads. This earned Google a whopping $175 billion in search-based ad revenues in 2023.

Advertising

Advertising Accountability Phishing Scams

DeepSeek users targeted with fake sponsored Google ads that deliver malware

Malwarebytes

MARCH 26, 2025

In this case, they certainly put a lot more effort into creating the fake website which the advertisement linked to: Its different from the real website, but it looks convincing, nonetheless. The advertisers name is not in Chinese characters by the way. The language in which the advertiser’s name is written is Hebrew: .

Artificial Intelligence

Artificial Intelligence Advertising Malware Risk

Fake AI Video Tools Spreading New “Noodlophile” Malware, Targets Thousands on Facebook

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. The Noodlophile Stealer is a new malware strain.

Malware

Malware Scams Media Artificial Intelligence

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware

Malware Advertising Antivirus Cybercrime

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. re abruptly announced it was permanently closing after a cybersecurity breach allowed unknown intruders to trash its servers and delete customer data and backups.

Malware

Malware Cybercrime Internet Internet

SYS01 Infostealer Campaign Exploits Meta Ads to Target Millions Worldwide

Penetration Testing

NOVEMBER 2, 2024

In a world increasingly dependent on online advertising, cybercriminals have seized an opportunity to exploit Meta’s vast advertising ecosystem.

Advertising

Advertising Cybersecurity Malware

GhostGPT: A Malicious AI Chatbot for Hackers

Security Boulevard

JANUARY 24, 2025

A malicious generative AI chatbot dubbed "GhostGPT" is being advertised to cybercriminals on underground forums as a tool for more quickly and efficiently creating malware, running BEC attacks, and other nefarious activities, lowering the barrier for less-skilled hackers to launch attacks.

Advertising

Advertising Malware Social Engineering Security Awareness

Hackers Exploit Russian Host Proton66 for Global Malware Attacks, Researchers Say

eSecurity Planet

APRIL 21, 2025

A notorious Russian hosting service provider known as Proton66 is at the center of a series of widespread cyberattacks and malware campaigns targeting organizations and users worldwide, according to fresh findings from cybersecurity experts. The malware connects to a C2 server at 193.143.1.139. “Net blocks 45.135.232.0/24

Malware

Malware Phishing Ransomware VPN

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability

Accountability Advertising Passwords Phishing

Malware attack disguises itself as DeepSeek installer

Graham Cluley

JUNE 12, 2025

Skip to content Graham Cluley Cybersecurity and AI keynote speaker BOOK ME Speaking · Writing · Podcasts · Video · Contact · About · Games 🔍 ⁠This weeks sponsor: Proton Pass - Easily create unique, secure passwords. How are the bad guys spreading the malware? Integrated 2FA.

Malware

Malware Cryptocurrency Accountability Advertising

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. With the right cybersecurity practices, everyday Mac users can stay safe from these emerging threats. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices.

Malware

Malware Software Passwords Cryptocurrency

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. This warning comes from our 2025 State of Malware report, which compiled a years worth of intelligence to identify the most pressing cyberattacks on the horizon. You can find the full 2025 State of Malware report here.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Critical RCE in MCP Inspector Exposes AI Devs to Web-Based Exploits (CVE-2025-49596)

Penetration Testing

JUNE 30, 2025

day AI Development AI security CVE-2025-49596 cybersecurity Machine Context Protocol MCP MCP Inspector Oligo Security rce Remote Code Execution Vulnerability Continue Reading Previous: From Code to Crypto Theft: DOJ Charges Four North Koreans for Infiltrating U.S. Support independent cybersecurity journalism.

Penetration Testing

Penetration Testing Authentication Advertising Cybersecurity

From Menu to Malware: How Innocent Scans Lead to Quishing Attacks

SecureWorld News

JUNE 23, 2025

At the gym, the flyer advertising a free class also has a QR code. These quick scans can become gateways—not to a menu or coupon, but to malicious phishing sites, malware downloads, or credential theft. That code might redirect to a spoofed login page, a malware dropper, or a credential harvesting form.

Malware

Malware Phishing Marketing Mobile

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Be Very Sparing in Allowing Site Notifications

Krebs on Security

NOVEMBER 17, 2020

This is evident by the apparent scale of the infrastructure behind a relatively new company based in Montenegro called PushWelcome , which advertises the ability for site owners to monetize traffic from their visitors. An ad from PushWelcome touting the money that websites can make for embedding their dodgy push notifications scripts.

Antivirus

Antivirus Advertising Adware Internet

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

The Last Watchdog

MAY 15, 2025

Yet despite their importance, many lack the cybersecurity expertise and resources to fend off a rising tide of digital threats. AI is now supercharging these threats helping cybercriminals scale attacks, tailor phishing lures, write malware, and even evade detection. AI is fueling the fire But easy access is just the start.

Small Business

Small Business Cybercrime Cyber Insurance Phishing

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.

Advertising

Advertising Cybercrime System Administration Hacking

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Penetration Testing

JUNE 9, 2025

These incidents are part of a broader trend where cybersecurity vendors themselves are becoming targets due to their deep visibility into client environments and defensive capabilities. Support independent cybersecurity journalism. If this article helped you, please share it with others who might benefit. Every contribution matters.

Penetration Testing

Penetration Testing Advertising DNS Cybersecurity

Dark web threats and dark market predictions for 2025

SecureList

DECEMBER 16, 2024

Review of last year’s predictions The number of services providing AV evasion for malware (cryptors) will increase We continuously monitor underground markets for the emergence of new “cryptors,” which are tools specifically designed to obfuscate the code within malware samples.

Marketing

Marketing Data breaches Cryptocurrency Malware

Root Access Unlocked: Public PoC Exposes GlobalProtect macOS Privilege Escalation Flaw

Penetration Testing

JUNE 11, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Penetration Testing

Penetration Testing VPN DDOS Advertising

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

The accused allegedly developed and marketed a series of cryptocurrency applications that were advertised as tools to help people manage their crypto holdings. In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed.

Cryptocurrency

Cryptocurrency Financial Services Banking Cybercrime

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Penetration Testing

JUNE 20, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Passwords

Passwords Accountability Firewall Penetration Testing

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix

Penetration Testing

JUNE 10, 2025

Skip to content June 11, 2025 Linkedin Twitter Facebook Youtube Daily CyberSecurity Primary Menu Home Cyber Security Cybercriminals Data Leak Linux Malware Attack Open Source Tool Technology Vulnerability Submit Press Release Search for: Home News Vulnerability Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9

Penetration Testing

Penetration Testing DDOS Advertising Technology

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

Zero Day

JUNE 26, 2025

Here's why A new Trojan malware is targeting sensitive information, including crypto wallet seed phrases. Also: How Avast's free AI-powered Scam Guardian protects you from online con artists According to Kaspersky, the malware targets iOS and Android devices. Here's how the malware works. What is SparkKitty?

Password Management

Password Management Small Business Passwords Artificial Intelligence

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Penetration Testing

JUNE 15, 2025

Skip to content June 16, 2025 Linkedin Twitter Facebook Youtube Daily CyberSecurity Primary Menu Home Cyber Criminals Cyber Security Data Leak Linux Malware Vulnerability Submit Press Release Vulnerability Report Windows Search for: Home News Vulnerability Report Critical Blink Router Flaws (CVSS 9.8)

Firmware

Firmware DNS Penetration Testing Advertising

Arrest, Seizures Tied to Netwalker Ransomware

Krebs on Security

JANUARY 27, 2021

NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a percentage of any funds extorted from victims. Each build is unique, in that the malware is inside the script – it is not downloaded from the internet. Powershell build.

Ransomware

Ransomware Cybercrime Antivirus Encryption

QR codes sent in attachments are the new favorite for phishers

Malwarebytes

APRIL 3, 2025

Combined with other known phishing techniques, QR codes provide criminals with a potent tool for collecting usernames and passwords, distributing malware, and other malicious activities. Personal email addresses would see generic advertising, but corporate email addresses would be prompted to log in with their Microsoft account.

Phishing

Phishing Banking Mobile Accountability

AI and collaboration tools: how cyberattackers are targeting SMBs in 2025

SecureList

JUNE 25, 2025

At the same time, AI-driven attacks are becoming increasingly common, making phishing and malware campaigns easier to prepare and quickly adapt, thus increasing their scale. Meanwhile, cybersecurity regulations are tightening, adding more compliance pressure on SMBs. Improving your security posture has never been more critical.

Adware

Adware Phishing Computers and Electronics Banking

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Boulevard

MARCH 21, 2025

Make sure your organization is aware of and prepared for the complex cybersecurity risks that emerge when you mix AI and the cloud. Stewards should help scale and standardize cybersecurity practices and processes throughout the open source ecosystem. Dive into six things that are top of mind for the week ending March 21.

Risk

Risk IoT Cybersecurity Manufacturing

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITYSYSTEM

Penetration Testing

JUNE 12, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Penetration Testing

Penetration Testing Firmware Advertising DDOS

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

.” Peter, who spoke candidly about the attack on condition of anonymity, said the FBI told him to contact a cybersecurity consulting firm in New Jersey called Unit 221B , and specifically its founder — Lance James. “You want to use your own software or someone else who’s trusted to do it.”

Ransomware

Ransomware Encryption Backups Manufacturing

WAGO Device Manager Vulnerabilities Expose Critical Industrial Infrastructure to Remote Exploits

Penetration Testing

JUNE 17, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Firmware

Firmware Penetration Testing Manufacturing Advertising

Breach Exposes Users of Microleaves Proxy Service

Krebs on Security

JULY 28, 2022

” [Full disclosure: Constella is currently an advertiser on this website]. The user Microleaves (later “Shifter.io”) advertised on BlackHatWorld the sale of 31 million residential IPs for use as proxies, in late 2013. By November 2013, Acidut was advertising the sale of “26 million SOCKS residential proxies.”

Advertising

Advertising Computers and Electronics Software Adware

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN Tools

eSecurity Planet

MARCH 10, 2025

Disguised as a legitimate bypass tool The malware campaign exploits users need to overcome online restrictions. Attackers package the SilentCryptoMiner within archives advertised as deep packet inspection (DPI) bypass utilities. In reality, the archive includes a Python-based loader that eventually retrieves the miner payload.

VPN

VPN Antivirus Cryptocurrency Malware

1 in 10 people do nothing to stay secure and private on vacation

Malwarebytes

MARCH 17, 2025

This year, Spring Break vacationers are packing more than their flip-flops, bucket hats, and sunglassestheyre also packing a few cybersecurity anxieties for the trip. Once users click on the websites, which appear legitimate, theyre tricked into downloading malware or handing over sensitive information to scammers.

Scams

Scams Passwords VPN Backups

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Security Affairs

FEBRUARY 17, 2025

Alexander Igorevich Mishinand Aleksandr Sergeyevich Bolshakovare the two Russian nationals and administrators of Zservers. “ Zservers , headquartered in Barnaul, Russia, has advertised BPH services on known cybercriminal forums to evade law enforcement investigations and takedowns, as well as scrutiny from cybersecurity firms.

Cybercrime

Cybercrime Ransomware Hacking Advertising

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

One “autodoxer” service advertised on Telegram that promotes a range of voice phishing tools and services. Allison Nixon is the chief research officer for Unit 221B , a cybersecurity firm in New York that has worked on a number of investigations involving these voice phishing groups.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Microsoft Authenticator will soon ditch passwords for passkeys - here's what to do

Zero Day

JUNE 30, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Authentication

Authentication Passwords Password Management Artificial Intelligence

Romantic Lawsuit for Two? Don't Let Cybercriminals Scam You this Valentine's Day

SecureWorld News

FEBRUARY 14, 2025

And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect. Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day.

Scams

Scams Cybercrime Phishing Social Engineering

Weaponizing Group Policy: Custom Client-Side Extensions as a Stealthy Backdoor into Active Directory

Penetration Testing

JUNE 5, 2025

This method: Leverages trusted Windows functionality, not malware binaries. Related Posts: ME Analyzer: Intel Engine Firmware Analysis Tool CSE CybSec ZLAB releases Malware Analysis Report: Dark Caracal APT 10,000 WordPress Websites Compromised to Deliver macOS and Windows Malware Rate this post Found this helpful?

Penetration Testing

Penetration Testing Advertising Malware Firmware

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

Based on an analysis by cybersecurity news platform Hackread , the data contains dates of birth, phone numbers, email addresses, street addresses, and even social security numbers. Trey Ford, Chief Information Security Officer at crowdsourced cybersecurity firm Bugcrowd offers an interesting take.

Password Management

Password Management Passwords Identity Theft Software

Does Your Organization Have a Security.txt File?

Krebs on Security

SEPTEMBER 20, 2021

The security.txt file made available by USAA , for example, includes links to its bug bounty program; an email address for disclosing security related matters; its public encryption key and vulnerability disclosure policy; and even a link to a page where USAA thanks researchers who have reported important cybersecurity issues.

Retail

Retail Healthcare Internet Internet

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Trending Sources

DeepSeek users targeted with fake sponsored Google ads that deliver malware

Fake AI Video Tools Spreading New “Noodlophile” Malware, Targets Thousands on Facebook

Banshee macOS stealer supports new evasion mechanisms

No SOCKS, No Shoes, No Malware Proxy Services!

SYS01 Infostealer Campaign Exploits Meta Ads to Target Millions Worldwide

GhostGPT: A Malicious AI Chatbot for Hackers

Hackers Exploit Russian Host Proton66 for Global Malware Attacks, Researchers Say

Malicious Office 365 Apps Are the Ultimate Insiders

Malware attack disguises itself as DeepSeek installer

Macs targeted by info stealers in new era of cyberthreats

New AI “agents” could hold people for ransom in 2025

Critical RCE in MCP Inspector Exposes AI Devs to Web-Based Exploits (CVE-2025-49596)

From Menu to Malware: How Innocent Scans Lead to Quishing Attacks

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Be Very Sparing in Allowing Site Notifications

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

Meet the Administrators of the RSOCKS Proxy Botnet

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Dark web threats and dark market predictions for 2025

Root Access Unlocked: Public PoC Exposes GlobalProtect macOS Privilege Escalation Flaw

U.S. Indicts North Korean Hackers in Theft of $200 Million

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Arrest, Seizures Tied to Netwalker Ransomware

QR codes sent in attachments are the new favorite for phishers

AI and collaboration tools: how cyberattackers are targeting SMBs in 2025

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITYSYSTEM

Researchers Quietly Cracked Zeppelin Ransomware Keys

WAGO Device Manager Vulnerabilities Expose Critical Industrial Infrastructure to Remote Exploits

Breach Exposes Users of Microleaves Proxy Service

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN Tools

1 in 10 people do nothing to stay secure and private on vacation

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

A Day in the Life of a Prolific Voice Phishing Crew

Microsoft Authenticator will soon ditch passwords for passkeys - here's what to do

Romantic Lawsuit for Two? Don't Let Cybercriminals Scam You this Valentine's Day

Weaponizing Group Policy: Custom Client-Side Extensions as a Stealthy Backdoor into Active Directory

86 million AT&T customer records reportedly up for sale on the dark web

Does Your Organization Have a Security.txt File?

Stay Connected