63

Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising(www.bleepingcomputer.com)

posted
by
Avatar
BrikoX@lemmy.zip
in
Avatar
cybersecurity@sh.itjust.works
8 comments
hidereport

A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.

Sort:
HotTopControversialNewOld
Avatar
Telorand@reddthat.com
12 points

Wait, are system admins the types to click on ads? I thought one of the most important rules of the internet was “never click on ads.” Seems like the wrong place to go phishing.

permalink
report
reply
Avatar
Fuck spez@sh.itjust.works
4 points

Devil’s advocate: it would be worth the risk of wasted time to an attacker when the payoff is potentially gaining admin access to one or two high-value systems.

permalink
report
parent
reply
Avatar
Evotech@lemmy.world
4 points

System admins are just people

permalink
report
parent
reply
Avatar
General_Shenanigans@lemmy.world
2 points

“My boss says I need something called ‘Wind Skip.’ I don’t know what it’s for; I have a PDF here with instructions. He says we can just download it and run it, but I couldn’t find it. Can you install it for me?”

permalink
report
parent
reply
Avatar
𝕸𝖔𝖘𝖘@infosec.pub
7 points

Search engine advertisements have become a massive problem over the past couple of years, with numerous threat actors utilizing them to push malware and phishing sites.

It’s a good thing that Google is fighting so hard to block the use of adblockers, since the shareholders’ profits are so much more important than the safety of everyone else.

permalink
report
reply
Avatar
kemsat@lemmy.world
5 points

I’m feeling more & more glad I finally switched to Linux.

permalink
report
reply
Avatar
Nora@lemmy.ml
3 points

Another benefit to using Ninite.

permalink
report
reply
Avatar
loki@lemmy.ml
2 points

Scoop for me. 1 more layer of audit, 1 additional layer of trust. There are occasional hiccups but they haven’t broken my trust yet.

permalink
report
parent
reply

Cybersecurity

!cybersecurity@sh.itjust.works

Create post

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

  • Be respectful. Everyone should feel welcome here.
  • No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
  • No Ads / Spamming.
  • No pornography.

Community Rules

  • Idk, keep it semi-professional?
  • Nothing illegal. We’re all ethical here.
  • Rules will be added/redefined as necessary.

If you ask someone to hack your “friends” socials you’re just going to get banned so don’t do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

Community stats

  • 1.7K

    Monthly active users

  • 1.5K

    Posts

  • 3.3K

    Comments

Community moderators