Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 1 April, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Yahoo beats down malvertising worry

by The Gurus
January 6, 2014
in Editor's News
Share on FacebookShare on Twitter

The Yahoo.com domain served malicious advertisements which redirected users to the “Magnitude” exploit kit.
 
According to a blog by Fox-IT, five iframes were infected which redirected users to websites that were served by an IP address in the Netherlands. This exploit kit exploits vulnerabilities in Java and can install different malware including ZeuS and Andromeda.
 
Fox-IT claimed that its examination of a traffic sample found that this mainly affected users in Europe, specifically Romania (accounted for 24 per cent of infections), the UK (23 per cent of infections) and France (20 per cent of infections). Fox-IT also said that, with a typical infection rate of nine per cent, this would result in around 7,000 infections every hour.
 
“At this time it’s unclear why those countries are most affected. It’s, likely due to the configuration of the malicious advertisements on Yahoo,” Fox-IT said. It reported on Friday 3rd January that traffic to the exploit kit had significantly decreased, implying that Yahoo was taking steps to fix the problem.
 
A Yahoo statement said it was aware of the issue. “At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.”
 
Amichai Shulman, CTO of Imperva, said that the problem in this case was the advertising platform, as any platform used for targeted advertising is equally effective for targeted malvertising.
 
“Regardless of the specific ad platform, they create an opportunity for an attacker to target specific geographies, specific crowds (programmers, travellers to specific destinations) and even specific people. For an ad platform it is virtually impossible to guarantee 100 per cent malware-free ads.
 
“Ad platforms should keep doing what they do (guarantee 100 per cent effort, not 100 per cent results) as consumers can really do nothing but to keep their computers as patched as possible. Enterprises must accept infection of devices is inevitable. The outcome of such an infection with respect to enterprise data can be mitigated through close monitoring and protection of the data sources.”

FacebookTweetLinkedIn
Tags: BotnetMalware
ShareTweetShare
Previous Post

Yahoo Ad Network abused to redirect users to malicious websites serving Magnitude Exploit Kit

Next Post

2014 prediction – Cloud will enable authentication

Recent News

Data Privacy Day: Securing your data with a password manager

For Cybersecurity, the Tricks Come More Than Once a Year

March 31, 2023
cybersecurity training

Only 10% of workers remember all their cyber security training

March 30, 2023
Pie Chart, Purple

New API Report Shows 400% Increase in Attackers

March 29, 2023
Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato Networks Recognised as Leader in Single-Vendor SASE Quadrant Analysis

March 29, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information