Aggregator
Qilin
Threat actors are scanning your environment, even if you’re not
In a world where organizations’ digital footprint is constantly changing and attackers regularly capitalize on security failings in exposed IT assets, making the effort to minimize your external attack surface is a no-brainer. The goal is simple: Make your organization a hard nut to crack and thus force attackers to look for easier targets. To do that, you must be able to see the entirety of your organization’s external attack surface as threat actors see …
The post Threat actors are scanning your environment, even if you’re not appeared first on Help Net Security.
Blue Shield of California Data Breach Exposes 4.7M Members’ Info
Discover the Blue Shield of California data breach affecting 4.7M members. Learn about the risks and essential security measures to protect your data.
The post Blue Shield of California Data Breach Exposes 4.7M Members’ Info appeared first on Security Boulevard.
Google Cloud Enhances Databases with Firestore and MongoDB Features
Discover Google's Firestore with MongoDB compatibility, enhancing cloud database functionality with serverless architecture. Explore the future of data storage.
The post Google Cloud Enhances Databases with Firestore and MongoDB Features appeared first on Security Boulevard.
Cybersecurity Firm CEO Arrested for Planting Malware in Hospital Systems
Jeffrey Bowie, the CEO of a local cybersecurity firm, has been arrested for allegedly planting malware on computers at SSM St. Anthony Hospital. Bowie, who until recently touted himself as a leader in protecting businesses from cyber threats, now faces charges that he became the very threat he promised to prevent. Police say the incident […]
The post Cybersecurity Firm CEO Arrested for Planting Malware in Hospital Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2025-38152 | Linux Kernel up to 6.14.1 remoteproc table_sz null pointer dereference (Nessus ID 234884)
GoSearch: Open-source OSINT tool for uncovering digital footprints
GoSearch is an open-source OSINT tool built to uncover digital footprints linked to specific usernames. Designed for speed and accuracy, it lets users quickly track someone’s online presence across multiple platforms. GoSearch incorporates data from Hudson Rock’s Cybercrime Database, offering detailed insights into potential cybercrime connections. It also draws from BreachDirectory.org and ProxyNova databases, providing extensive access to breached data, including plain-text and hashed passwords associated with usernames. For investigators who need reliable results without …
The post GoSearch: Open-source OSINT tool for uncovering digital footprints appeared first on Help Net Security.
JVN: Improper file access permission settings vulnerability in Seiko Epson printer drivers for Windows
ZDI-CAN-26767: Action1
Ransomware attacks are getting smarter, harder to stop
Ransomware attacks are becoming more refined and pervasive, posing significant challenges to organizations globally. A Veeam report reveals that while the percentage of companies impacted by ransomware attacks has slightly declined from 75% to 69%, the threat remains substantial. This decrease is attributed to improved preparation and resilience practices, as well as increased collaboration between IT and security teams. However, as ransomware attacks from both established groups and “lone wolf” actors proliferate, organizations must adopt …
The post Ransomware attacks are getting smarter, harder to stop appeared first on Help Net Security.
ByteDance's Top Seed talent program officially launches for the class of 2026
The Impact of Politics on Cybersecurity: CVE’s and the Chris Krebs Executive Order
What would happen if the US government halted funding for the CVE program? In this episode, we explore the controversies surrounding the funding of the CVE program, the role of CVEs in the cybersecurity industry, and the recent launch of the CVE Foundation. We also discuss the Trump Administration’s executive order that revoked the security […]
The post The Impact of Politics on Cybersecurity: CVE’s and the Chris Krebs Executive Order appeared first on Shared Security Podcast.
The post The Impact of Politics on Cybersecurity: CVE’s and the Chris Krebs Executive Order appeared first on Security Boulevard.
Most critical vulnerabilities aren’t worth your attention
Web applications face a wide range of risks, including known-exploitable vulnerabilities, supply chain attacks, and insecure identity configurations in CI/CD, according to the Datadog State of DevSecOps 2025 report.
14% of Java services still contain at least one vulnerability
By analyzing a dataset of applications to identify known third-party vulnerabilities, it was found that 15% of services are vulnerable to known-exploited vulnerabilities, affecting 30% of organizations. They are particularly prevalent among Java services, with 44% …
The post Most critical vulnerabilities aren’t worth your attention appeared first on Help Net Security.
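WordPress ad fraud plugins generate 1.4 billion ad requests per day
A newly discovered large-scale ad fraud operation named "Scallywag" generates billions of fraudulent requests per day through purpose-built WordPress plugins, monetizing piracy and URL-shortening sites.
Scallywag was discovered by the bot and fraud detection firm HUMAN, which mapped a network of 407 domains supporting the operation; at its peak, the operation produced 1.4 billion fraudulent ad requests per day.
HUMAN's efforts to block and report Scallywag traffic reduced it by 95%, although the threat actors have shown resilience by rotating domains and moving to other monetization models.
Built around WordPress ad fraud plugins
Legitimate ad providers avoid piracy and URL-shortening sites because of legal risk, brand safety concerns, ad fraud, and a lack of quality content.
Scallywag is a fraud-as-a-service operation built around four WordPress plugins that help cybercriminals make money from high-risk, low-quality sites.
The WordPress plugins created by the operation are Soralink (released in 2016), Yu Idea (2017), WPSafeLink (2020), and Droplink (2022).
HUMAN says that multiple independent threat actors buy and use these WordPress plugins to set up their own ad fraud schemes, with some even posting tutorials on YouTube detailing how to do so.
These extensions lower the barrier to entry for would-be threat actors who want to monetize content that generally cannot be monetized through advertising; in fact, some threat actors have published videos coaching others on setting up their own schemes.
Droplink is the only exception to this sales model, as it can be obtained for free by performing various monetization steps for the seller.
Users who visit piracy catalog sites looking for movies or premium software click embedded URL-shortened links and are redirected through the operation's cashout infrastructure.
The piracy catalog sites, which cannot serve ads directly, are not necessarily operated by Scallywag. Instead, their operators form a "gray partnership" with the ad fraudsters, outsourcing monetization to them.
Piracy site (left) linking to a Scallywag site (right)
The redirection process takes visitors through intermediate ad-heavy pages, which generate fraudulent impressions for the Scallywag operators, and eventually lands on a page containing the promised content (software or a movie).
The intermediate sites are WordPress sites running the Scallywag plugins. These handle the redirection logic, ad loading, CAPTCHAs, timers, and cloaking mechanisms, which display a clean blog when ad platforms inspect the site.
Overview of the Scallywag operation
Disrupting Scallywag
HUMAN detected Scallywag activity by analyzing traffic patterns across its partner network, such as high ad impression volumes from seemingly benign WordPress blogs, cloaking behavior, and forced wait times or CAPTCHA interactions before redirection.
The same site accessed directly (left) and via a URL shortener (right)
It then classified Scallywag as a fraud network and worked with ad providers to stop bidding on its ad requests, cutting off Scallywag's revenue stream.
In response, the Scallywag actors tried to evade detection by using new cashout domains and open redirect chains to hide the true referrer, but HUMAN says it detected and blocked these as well.
Scallywag requests over time
As a result, Scallywag's daily ad fraud traffic dropped sharply from 1.4 billion to nearly zero, and many affiliates abandoned the method and moved on to other scams.
Although the Scallywag ecosystem has collapsed economically, its operators will likely keep trying to evade mitigations and return to profitability.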
Andreas Tille re-elected as DPL
NSFOCUS ISOP Receives International Recognition: AI Drives Enterprise Security Operations from “Complex” to “Simple”
Santa Clara, Calif. April 27, 2024 – Recently, NSFOCUS Intelligent Security Operations Platform (NSFOCUS ISOP) was once again recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2024 “Global Modern SIEM Technology Innovation Leadership Award”. Frost & Sullivan Best Practices Recognition awards companies each year in a variety of regional and global […]
The post NSFOCUS ISOP Receives International Recognition: AI Drives Enterprise Security Operations from “Complex” to “Simple” appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
The post NSFOCUS ISOP Receives International Recognition: AI Drives Enterprise Security Operations from “Complex” to “Simple” appeared first on Security Boulevard.