IT Security Guru

Malvertizing is alive and well spreading CryptoWall ransomware through poisoned ads

by The Gurus
August 19, 2015
in Editor's News

KnowBe4 issued a statement over the weekend warning IT managers of a new wave of ransomware infections caused by malvertizing that misuses the publishing network Adspirit.de. According to security researchers at MalwareBytes, as reported by SC Magazine, this network is used by sites such as Drudgereport.com, Weather.com and wunderground.com, and the malvertizing has apparently spread to eBay and AOL.com, sites visited by millions of users.
According to KnowBe4 CEO Stu Sjouwerman, “The same cybercrime lowlifes that infected the Yahoo website a few weeks ago have struck again, and were serving poisoned web ads which either dropped CryptoWall ransomware or infected the PC with adware.”
Most employees who browse the web during the day or over lunch do not understand the mechanics of modern ad networks. Once an ad network is subverted, hundreds of millions of poisoned ads are displayed in real time. Many of these ads initiate a drive-by attack without the user having to do anything. The attack performs a few redirects, then launches a U.S.- and Canada-focused exploit kit, which checks for vulnerabilities (usually in Flash) and infects the workstation literally in seconds.
According to Sjouwerman, this attack is hard to defend against because it can be hidden behind an SSL connection to Microsoft’s Azure Cloud, making it difficult to detect. Cybercriminals attempt to fool the ad network into thinking they are a legitimate advertiser, but the ads displayed on major websites are poisoned. Simply browsing to a page with a poisoned ad on it is enough to run the risk that the PC will be encrypted with ransomware, which costs an average of $500 to get files back.
Sjouwerman encourages IT managers to warn their staff and help them understand how such ad poisoning works so users are protected in any type of environment. Sjouwerman further advises, “First, disable Adobe Flash on your computer – or at least set the Adobe Flash plug-in to ‘click-to-play’ mode – which blocks the automatic infections. Second, keep up to date with all the security patches and install them as soon as they come out. Third, download and install Ad Blocker plug-ins for your browser; these prevent the ads from being displayed in your browser to start with. These ad blockers are getting very popular; hundreds of millions of people use them.
In an organization’s network, you could: 1) Get rid of Flash altogether, or 2) Deploy ad blockers using group policy. There are free solutions such as Adblock Plus in Chrome which work well and can help protect a network.”
For more information visit: www.knowbe4.com

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic
