Posts

Showing posts from April, 2024

CISA ransomware warning program will launch this year

Image
The Cybersecurity and Infrastructure Security Agency, an arm of the Department of Homeland Security, is rolling out a program that warns organizations about potential ransomware attacks, CyberScoop reports. The program is currently running as a pilot and will be fully operational by the end of 2024. About 7,000 organizations have signed up for the pilot. So far, CISA has issued 2,049 warnings since the pilot was launched in January 2023. “The warning pilot is focused on reducing the prevalence of ransomware by using our vulnerability scanning tools to let businesses know if they have vulnerabilities that need to be patched,” CISA Director Jen Easterly told CyberScoop. To get alerts, organizations need to sign up for CISA’s cyber hygiene scanning tool. According to CISA’s FAQ page for the program, the tool “[e]valuates external network presence by executing continuous scans of public, static IPv4s for accessible services and vulnerabilities. This service provides weekly vulnerability r...

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

Image
  Attackers are once again abusing  Google Ads  to target people with info-stealing malware, this time using an ad-tracking feature to lure corporate users with fake ads for popular collaborative groupware such as Slack and Notion. Researchers from AhnLab Security Intelligence Center (ASEC) discovered  a malicious campaign  that uses a statistical feature to embed URLs that distribute malware, including the Rhadamanthys stealer, they revealed in a blog post published this week. The feature lets advertisers insert external analytic website addresses into ads to collect and use their visitors' access-related data to calculate ad traffic. However, instead of inserting a URL for an external statistics site, attackers are abusing the feature to enter sites for  distributing malicious code , the researchers found. Ads related to the campaign have already been deleted. But when they were still active, "clicking on the banner would take unsuspecting users to the ad...