Threat actors are using manipulated Google search results and malicious ads to trick users into downloading malware disguised as legitimate software such as WinSCP. The cybercriminals leverage Google’s Dynamic Search Ads to serve the malware-infected ads, which direct users to a phishing site where they download the malware. Cybersecurity company Securonix, which is tracking the activity, states that the geoblocking used suggests US users are the main targets.
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign
Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious
