News : KnowBe4 Warns of Massive Web Ad Poisoning of News and Weather Sites
KnowBe4 issued a statement over the weekend warning IT managers of a new blast of ransomware infections caused by malvertizing, misusing publishing network Adspirit.de. This network is used by companies such as Drudgereport.com, Weather.com, wunderground.com and has apparently spread to eBay and AOL.com, sites visited by millions of users according to security researchers at MalwareBytes and reported by SC Magazine.
According to KnowBe4 CEO Stu Sjouwerman, "The same cybercrime lowlifes that infected the Yahoo website a few weeks ago have struck again, and were serving poisoned web ads which either dropped CryptoWall ransomware or infected the PC with adware."
Most employees who browse the web during the day or over lunch do not understand the mechanics of modern ad networks. Once an ad network is subverted, hundreds of millions of poisoned ads are displayed in real-time. Many of these ads initiate a drive-by attack without the user having to do anything. The attack does a few redirects, kicks in a U.S. and Canada-focused Exploit Kit which checks for vulnerabilities (usually in Flash) and infects the workstation literally in seconds.
According to Sjouwerman, this is a hard one to defend against, because it can be hidden behind an SSL to Microsoft's Azure Cloud, making it difficult to detect. Cybercriminals attempt to fool the ad network into thinking they are a legit advertiser, but the ads which are displayed on major websites are poisoned. If someone then browses to a page with a poisoned ad on it, it is enough to run the risk a PC will be encrypted with ransomware, which costs an average of $500 dollars to get files back.
2018 Top Ranking Performers Present:
CONTACT CENTER & CUSTOMER ENGAGEMENT
BERLIN - ORLANDO - MACAOFIND OUT MORE!
Sjouwerman encourages IT managers to warn their staff and help them understand how such ad poisoning works so users are protected in any type of environment. Sjouwerman further advises, "First, disable Adobe Flash on your computer - or at least set the Adobe Flash plug-in to "click-to-play" mode - which blocks the automatic infections. Second, keep up-to-date with all the security patches and install them as soon as they come out. Third, download and install Ad Blocker plug-ins for your browser, these prevent the ads from being displayed in your browser to start with. These ad blockers are getting very popular, hundreds of millions of people use them.
In an organization’s network, you could: 1) Get rid of Flash all together, or 2) Deploy ad blockers using group policy. There are free solutions such as Adblock Plus in Chrome which work well and can help protect a network."
Today's Tip of the Day - The 3 L’s
More Editorial From KnowBe4
KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was seriously neglected, KnowBe4 was created by Kevin Mitnick (World’s Most Famous Hacker) and Stu Sjouwerman, to help organizations manage the problem of social engineering through security awareness training. Over 1,500 organizations use KnowBe4 to keep employees on their toes. KnowBe4 is used in all industries, including finance, healthcare, energy, government and insurance.
Published: Tuesday, August 18, 2015
Genesys® powers 25 billion of the world’s best customer experiences each year. Our success comes from connecting employee and customer conversations on any channel, every day. Over 10,000 companies in...
Seamless customer engagement begins and lasts with Netcall. Contact centre technology designed with your customers experience in mind, allows you to access data and content where it’s needed using ou...
Cisco provides Unified Customer Contact solutions that extend customer care beyond simple phone transactions and the traditional contact centre to unique content-rich customer centric experiences. The...
Noble Systems Corporation is a global provider of contact center, workforce engagement, and analytics technologies, offering premise, cloud, and hybrid platforms. Noble Systems has been providing inno...