#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

click fraud Scam | Breaking Cybersecurity News | The Hacker News

Alleged Russian Hacker Pleads Not Guilty After Extradition to United States

Alleged Russian Hacker Pleads Not Guilty After Extradition to United States

Jan 21, 2019
A Russian hacker indicted by a United States court for his involvement in online ad fraud schemes that defrauded multiple American companies out of tens of millions of dollars pleaded not guilty on Friday in a courtroom in Brooklyn, New York. Aleksandr Zhukov , 38, was arrested in November last year by Bulgarian authorities after the U.S. issued an international warrant against him, and was extradited by Bulgaria to the United States on Thursday (January 18, 2019). He is currently in prison in Brooklyn. In November 2018, law enforcement and multiple security firms collaborated to shut down one of the largest digital ad-fraud schemes, which they dubbed 3ve , that infected over 1.7 million computers worldwide to generate fake clicks used to defraud digital advertisers for years and made tens of millions of dollars in revenue. Pronounced "Eve," the online ad-fraud campaign was believed to have been active since at least 2014, but its fraudulent activity grew last yea
​Google, Yahoo, Facebook Collaborate to Blacklist Bad Bots

​Google, Yahoo, Facebook Collaborate to Blacklist Bad Bots

Jul 22, 2015
The major tech companies including Google, Facebook, and Yahoo! have joined their hands to launch a new program meant to block fake web traffic by blacklisting flagged IP addresses. Today, majority of data center traffic is non-human or illegitimate, so to fight against this issue the Trustworthy Accountability Group (TAG) has announced a program that will tap into Google's internal data-center blacklist to filter bots. The new pilot program will reject traffic from web robots or bots by making use of a blacklist, cutting a significant portion of web traffic from within data centers, said Google Ad Manager Vegard Johnsen. Google or any other big tech firm maintains a Blacklist that lists suspicious IP addresses of computer systems in data centers that may be trying to trick the human into clicking on advertisements. Google's DoubleClick blacklist alone blocked some 8.9% of data-center traffic back in May. Facebook and Yahoo to Contribute Apart from Goo
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Malware Poses as Flash Update Infects 110,000 Facebook Users within 2 Days

Malware Poses as Flash Update Infects 110,000 Facebook Users within 2 Days

Jan 31, 2015
Facebook users just Beware!! Don't click any porn links on Facebook. Foremost reason is that you have thousands of good porn sites out there, but there's an extra good reason right now. Rogue pornography links on the world's most popular social network have reportedly infected over 110,000 Facebook users with a malware Trojan in just two days and it is still on the rise, a security researcher warned Friday. The Facebook malware disguised as a Flash Player update and spreads itself by posting links to a pornographic video from the Facebook accounts of previously infected users. The malware generally tags as many as 20 friends of the infected user . "In the new technique, which we call it ' Magnet ,' the malware gets more visibility to potential victims by tagging the friends of the victim in the malicious post," said Mohammad Faghani, a senior consultant at PricewaterhouseCoopers, in a mailing list post to the Full Disclosure infosec hangout.  "A tag may
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Malware Exploits SHELLSHOCK Vulnerability to Hack NAS Devices

Malware Exploits SHELLSHOCK Vulnerability to Hack NAS Devices

Dec 16, 2014
The year is about to end, but serious threats like  Shellshock is " far from over ". Cyber criminals are actively exploiting this critical GNU Bash vulnerability to target those network attached storage devices that are still not patched and ready for exploitation. Security researchers have unearthed a malicious worm that is designed to plant backdoors on network-attached storage (NAS) systems made by Taiwan-based QNAP and gain full access to the contents of those devices. The worm is spread among QNAP devices, which run an embedded Linux operating system, by the exploitation of the GNU Bash vulnerability known as ShellShock or Bash, according to security researchers at the Sans Institute. QNAP vendor released a patch in early October to address the flaw in its Turbo NAS product, but because the patches are not automatic or easy to apply for many users, so a statistically significant portion of systems remain vulnerable and exposed to the Bash bug . Sh
Cybersecurity Resources