
Stay ahead of the latest cybersecurity trends with Cyberside Chats! Listen to our weekly podcast every Tuesday at 6:30 a.m. ET, and join us live once a month for breaking news, emerging threats, and actionable solutions. Whether you’re a cybersecurity professional or an executive looking to understand how to protect your organization, cybersecurity experts Sherri Davidoff and Matt Durrin will help you stay informed and proactively prepare for today’s top cybersecurity threats, AI-driven attack and defense strategies, and more!
Join us monthly for an interactive Cyberside Chats: Live! Stay tuned for our next session to be announced soon.
Episodes

2 days ago
Attackers are poisoning search results and buying sponsored ads to push malware disguised as trusted software. In this episode, Sherri Davidoff and Matt Durrin break down the latest SEO poisoning and malvertising research, including the Oyster/Broomstick campaign that hid backdoors inside fake Microsoft Teams installers. Learn how these attacks exploit everyday user behavior, why they’re so effective, and what your organization can do to stop them.
Whether you’re a security leader, risk manager, or seasoned IT pro, you’ll walk away with clear, practical steps to reduce exposure and strengthen your defenses against the poisoned web.
KEY TAKEAWAYS
- Block and filter ad content at the enterprise level. Use enterprise web proxies, browser controls, and DNS filtering to block sponsored results and malicious domains tied to critical business tools or portals.
- Establish and enforce trusted download paths. Require that all software come from signed, verified, or internal repositories — not search results. Enforce application whitelisting so only verified executables can run — this blocks malicious installers even if a user downloads them.
- Incorporate poisoned-search scenarios into training and awareness materials. Teach staff to type trusted URLs, use bookmarks, or access internal portals directly rather than searching.
- Assess search behavior across your organization. Track how users find tools and portals — are they typing URLs, using bookmarks, or searching externally? Use this data to identify high-risk departments or roles and tailor awareness campaigns accordingly. Over time, shift culture toward safer, more deliberate browsing habits.
- Expand monitoring and detection. Hunt for persistence artifacts linked to poisoned-download infections, such as new scheduled tasks, DLL registrations, or rundll32.exe activity. Flag software installs originating from search-referral URLs in your EDR and SIEM.
- Conduct tabletop exercises that include search poisoning. Simulate incidents where employees download fake software or fall for poisoned ads. Practice tracing attacks back to SEO poisoning, identifying other potential victims, and developing plans to block future attacks through technical and policy controls.
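One way to approach the "flag software installs originating from search-referral URLs" takeaway, as an added example that is not from the episode or from LMG Security. It correlates a web-proxy log so that an installer download is flagged when the same user reached the download host from a search or ad referrer shortly before; the log layout, host lists, allowlist, time window and sample records are all assumptions constructed for illustration.

```python
import csv, io
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumptions: referrer hosts treated as search/ad sources, internal allowlist, file types.
SEARCH_HOSTS = {"www.google.com", "www.bing.com", "duckduckgo.com", "www.googleadservices.com"}
TRUSTED_DOWNLOAD_HOSTS = {"software.corp.example"}
INSTALLER_EXT = (".exe", ".msi", ".msix")
WINDOW = timedelta(minutes=10)

# Constructed proxy log (not real traffic), columns: ts,user,url,referer
SAMPLE_LOG = """\
2025-01-07T09:00:01,alice,https://teams-install.example/landing,https://www.bing.com/search?q=teams+download
2025-01-07T09:00:40,alice,https://teams-install.example/files/TeamsSetup.exe,https://teams-install.example/landing
2025-01-07T09:05:00,bob,https://software.corp.example/pkg/TeamsSetup.msi,https://www.google.com/
2025-01-07T09:10:00,carol,https://vendor.example/tool.exe,
2025-01-07T11:30:00,alice,https://teams-install.example/files/Other.exe,https://teams-install.example/landing
"""

def host(url):
    """Lower-cased hostname of a URL, or '' when the field is empty."""
    return (urlsplit(url).hostname or "").lower()

def find_search_referred_installs(log_text):
    """Return (user, url, search_referer) for installer downloads from a host
    the same user reached via a search/ad referrer within WINDOW."""
    arrivals = {}  # (user, landing host) -> (time, search referer)
    hits = []
    for ts, user, url, referer in csv.reader(io.StringIO(log_text)):
        when = datetime.fromisoformat(ts)
        dest, ref = host(url), host(referer)
        if ref in SEARCH_HOSTS:
            arrivals[(user, dest)] = (when, referer)
        path = urlsplit(url).path.lower()
        if not path.endswith(INSTALLER_EXT) or dest in TRUSTED_DOWNLOAD_HOSTS:
            continue
        # The download may come straight from the result or via a landing page.
        for key in {(user, dest), (user, ref)}:
            seen = arrivals.get(key)
            if seen and when - seen[0] <= WINDOW:
                hits.append((user, url, seen[1]))
                break
    return hits

if __name__ == "__main__":
    for user, url, source in find_search_referred_installs(SAMPLE_LOG):
        print(f"{user} downloaded {url} after arriving from {source}")
```

Downloads from the allowlisted internal repository, downloads with no search arrival, and downloads outside the time window are left unflagged; tune the window and host lists to your own proxy data.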
Please like and subscribe for more cybersecurity content, and visit us at www.LMGsecurity.com if you need help with cybersecurity, training, testing, or policy development.
Resources & References
- Blackpoint Cyber SOC: Malicious Teams Installers Drop Oyster Malware
- BleepingComputer: Fake Microsoft Teams Installers Push Oyster Malware via Malvertising
- Netskope: Cloud & Threat Report 2025
- Netskope Press Release: Phishing Clicks Nearly Tripled in 2024
