TamperedChef serves bad ads, with infostealers as the main course
Sophos X-Ops explores a malvertising campaign that leverages Google Ads to distribute an infostealer
Categories: Threat Research
Tags: TamperedChef, EvilAI, infostealer, Sophos X-Ops
Similar Posts
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
Bys sMatt Burgess and Lily Hay Newman report: The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. But the new discovery of a massive trove of 184 million records—including Apple, Facebook, and Google logins and credentials for accounts connected to multiple governments—underscores the risks…
Product Walkthrough: Securing Microsoft Copilot with Reco
Bys sFind out how Reco keeps Microsoft 365 Copilot safe by spotting risky prompts, protecting data, managing user access, and identifying threats – all while keeping productivity high. Microsoft 365 Copilot promises to boost productivity by turning natural language prompts into actions. Employees can generate reports, comb through data, or get instant answers just by asking…
WA: Cyber-attacks problem for small hospitals
Bys sWe often hear about the challenges rural hospitals face in preventing and responding to cyberattacks. Here’s an article that provides some numbers for context. Don Gronning reports: Small hospitals have been a target of cyber criminals, hospital district CEO Kim Manus told Pend Oreille Hospital District No. 1 commissioners at their regular meeting Thursday, July…
Legal threat: DMCA notice to SuspectFile is refuted, but it never should have happened
Bys sWhen an unfounded legal threat comes from someone in your own community, it seems especially offensive and disappointing. In this case, a security journalist received a legal threat from a cybersecurity news site. When SuspectFile journalist Marco A. De Felice was sent a superinjunction from the High Court in the U.K. in response to his……
Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers
Bys sCybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar. MageCart is the name given to a malware that’s capable of stealing sensitive payment information from online shopping…
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
Bys sA team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP)…