How to protect your organization against SEO poisoning and malvertising
Alongside traditional approaches like software vulnerabilities and misconfigurations in applications, hackers are constantly looking for new ways to get into devices and corporate networks. Two of the biggest growing threats are Search Engine Optimization (SEO) poisoning and Malvertising.
SEO Poisoning is where hackers lure victims to legitimate websites by populating them with content on topics of interest to potential victims. For example, Gootloader, an Initial-Access-as-a-Service operation, targets law professionals because they handle sensitive business data that can be extremely valuable. Hackers use Gootloader to get a foothold into an organization’s IT environment and then spread laterally through the entity’s IT network to implant ransomware or exfiltrate data.