UAT-8099 Hijacks Reputable Sites for SEO Fraud & Theft
A Chinese-language threat actor uses every part of the kill: infecting Web servers with malware, poisoning sites with SEO spam, and stealing organizational data for follow-on attacks.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A Chinese-language threat actor uses every part of the kill: infecting Web servers with malware, poisoning sites with SEO spam, and stealing organizational data for follow-on attacks.
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications
Real-time video deepfakes? Not convincing yet RSAC Spam messages predate the web itself, and generative AI has given it a fluency upgrade, churning out slick, localized scams and letting crooks hit regions and dialects they used to ignore.…
Stealthy ad fraud rings turn legitimate marketing into spam at a large scale, creating 200M+ bid requests daily.
A massive ad fraud campaign named "SubdoMailing" is using over 8,000 legitimate internet domains and 13,000 subdomains to send up to five million emails per day to generate revenue through scams and malvertising. [...]
On the eve of their federal criminal trial for allegedly stealing vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct have agreed to plead guilty to lesser misdemeanor charges of fraud and misrepresentation via email.
Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book "Spam Nation," was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-based payment schemes, and facilitated money laundering for Hydra, the largest Russian darknet market. But according to information obtained by KrebsOnSecurity, it is equally likely Vrublevsky was arrested thanks to his propensity for carefully documenting the links between Russia's state security services and the cybercriminal underground.
Researchers have never before seen SquirrelWaffle attackers use typosquatting to keep sending spam once a targeted Exchange server has been patched for ProxyLogon/ProxyShell.