www.riskcrew.com Open in urlscan Pro
35.176.110.22  Public Scan

Form analysis
1 forms found in the DOM

POST https://www.riskcrew.com/wp-comments-post.php

<form action="https://www.riskcrew.com/wp-comments-post.php" method="post" id="commentform" class="comment-form" novalidate="">
  <p class="comment-notes"><span id="email-notes">Your email address will not be published.</span> Required fields are marked <span class="required">*</span></p>
  <p class="comment-form-comment"><label for="comment">Comment</label> <textarea id="comment" name="comment" cols="45" rows="8" maxlength="65525" required="required"></textarea></p>
  <p class="comment-form-author"><label for="author">Name <span class="required">*</span></label> <input id="author" name="author" type="text" value="" size="30" maxlength="245" required="required"></p>
  <p class="comment-form-email"><label for="email">Email <span class="required">*</span></label> <input id="email" name="email" type="email" value="" size="30" maxlength="100" aria-describedby="email-notes" required="required"></p>
  <p class="comment-form-url"><label for="url">Website</label> <input id="url" name="url" type="url" value="" size="30" maxlength="200"></p>
  <p class="form-submit"><input name="submit" type="submit" id="submit" class="submit" value="Post Comment"> <input type="hidden" name="comment_post_ID" value="10135" id="comment_post_ID">
    <input type="hidden" name="comment_parent" id="comment_parent" value="0">
  </p>
</form>

Text Content

Skip to content

Please consider updating your browser. Some parts of the website may not
function as intended.

 * 

 * Risk Management
   * Information Security Threat & Risk Assessment Service
   * Information Security Policies
   * Ransomware Readiness Audit
   * Secure Code Review
   * Information Security eLearning Courses
   * Cyber Supply Chain Risk Management
   * Information Security Risk Consultancy
 * Security Testing
   * Red Team Testing
   * Risk-Driven Application Security Testing
   * Network Security Penetration Testing
   * APT Attack Testing
   * Mobile Application Security Testing
   * IoT Security Penetration Testing
   * Web Application Security Penetration Testing
   * Security Vulnerability Assessment
   * Cloud Security Testing
   * Social Engineering Testing
 * GRC
   * ISO 27001 Compliance
   * Cyber Essentials
   * SOC 2 Compliance
   * DPA 2018 Compliance
   * Virtual CISO Service
   * DPO on-Demand Service
   * PCI Compliance Services
 * eRiskology

 * Contact Us
 * Blog
 * Security Alerts
 * About The Crew
 * Webinars
 * Events





SECURITY ALERTS


120 COMPROMISED ADVERTISEMENT SERVERS PUT MILLIONS OF INTERNET USERS AT RISK


Posted on April 20, 2021April 20, 2021 by Gabriel McLeish
20
Apr

An ongoing “malvertising” campaign dubbed “Tag Barnakle” was identified as the
breach point of more than 120 Advertisement servers over the past year.

The threat actors aim to inject code to host Adware that redirects users to
domains under threat actors’ control, exposing them to more malware.

The adversaries behind the Tag Barnakle campaign are upgrading their tools to
target mobile devices in addition to the initial targets, such as the
open-source advertising server Revive.


THE IMPACT

If someone were to engage with the Adware, their devices could become
compromised and potentially used as a base for further attacks.


THE REMEDIATION

As the malvertising campaign is still active, thousands if not millions of
devices are still at risk. Whilst there is no specific remediation, the
following are recommendations on reducing the risk of compromise:

 1. Raise awareness in an organisation, and social engineering encompasses more
    than phishing. Potential victims need to be made aware of the dangers of
    clicking on Adware as well.
 2. Keep all antivirus software’s and software versions up to date and make sure
    that all necessary detection settings are enabled.
 3. Applications and software should only be downloaded and or purchased from a
    reputable source.

Source: The Hacker News


This entry was posted in Security Alerts and tagged Advertisement Servers.

GABRIEL MCLEISH



What’s the difference between SOC 1, 2 and 3?
Cyber Supply Chain Risk Management – Should Penetration Testing be Required?


LEAVE A REPLY CANCEL REPLY

Your email address will not be published. Required fields are marked *

Comment

Name *

Email *

Website




FIND A POST ON THE SUBJECT OF YOUR CHOICE:


alerts august2020 awareness training Brexit ciso CREST Accedidated Cyber
Essentials Plus Cyber Liability Insurance Cyber Security Cyber security risk
management data breach Data Privacy data protection data protection policies dpa
2018 DPA Compliance DPIA elearning eop bug free webinar gdpr GDPR due diligence
hotspot shield vpn infographic Information Security Awareness Information
Security Awareness Training information security framework infosec awareness
IObit forums hacked ISO 27001 ISO 27001 Certification ISO 27701 July2020
June2020 management apps Expose Machines to Attack Penetration testing pen
testing personal data deletion phishing ransomware gangs Security Culture
security staff awareness program SOC 2 vs ISO 27001 social engineering social
engineering attacks


CONTACT US



5 Maltings Place
169 Tower Bridge Road
London SE1 3JB
United Kingdom

+44 (0) 20 3653 1234
information@riskcrew.com



 
 
 




ABOUT RISK CREW


We are an elite group of information security governance, risk & compliance
experts and the forerunners in the design & delivery of innovative & effective
solutions with a 100% satisfaction guarantee.






CONTACT US



5 Maltings Place
169 Tower Bridge Road
London, SE1 3JB
United Kingdom

+44 (0) 20 3653 1234
information@riskcrew.com

  


QUICK LINKS


 * Home
 * Customer Promise
 * Partner Programme
 * Privacy Notice
 * Cookie Policy
 * Promotion Terms and Conditions

 * GRC Consultancy Services
 * Security Testing
 * APT Attack Testing
 * Cloud Security Testing
 * Mobile Device Security Testing

Copyright 2021 © Risk Crew
 * Risk Management
   * Information Security Threat & Risk Assessment Service
   * Information Security Policies
   * Secure Code Review
   * Ransomware Readiness Audit
   * Information Security eLearning Courses
   * Cyber Supply Chain Risk Management
   * Information Security Risk Consultancy
 * Security Testing
   * Risk-Driven Application Security Testing
   * Red Team Testing
   * APT Attack Testing
   * Network Security Penetration Testing
   * Social Engineering Testing
   * Web Application Security Penetration Testing
   * IoT Security Penetration Testing
   * Security Vulnerability Assessment
   * Mobile Application Security Testing
   * Cloud Security Testing
 * GRC
   * Virtual CISO Service
   * ISO 27001 Compliance
   * Cyber Essentials
   * SOC 2 Compliance
   * DPA 2018 Compliance
   * DPO on-Demand Service
   * PCI Compliance Services
 * eRiskology
 * Contact Us
 * Blog
 * About The Crew
 * Webinars
 * Events
 * 

Risk Crew
This website uses cookies to improve your experience. We'll assume you're ok
with this, but you can opt-out if you wish. ACCEPT & CLOSE Cookie PolicyCookie
Settings
Privacy & Cookies Policy
Close

PRIVACY OVERVIEW

This website uses cookies to improve your experience while you navigate through
the website. Out of these cookies, the cookies that are categorized as necessary
are stored on your browser as they are as essential for the working of basic
functionalit...
Necessary
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly.
This category only includes cookies that ensures basic functionalities and
security features of the website. These cookies do not store any personal
information.
Non-necessary
Non-necessary
Any cookies that may not be particularly necessary for the website to function
and is used specifically to collect user personal data via analytics, ads, other
embedded contents are termed as non-necessary cookies. It is mandatory to
procure user consent prior to running these cookies on your website.
SAVE & ACCEPT