It’s a good step forward in protecting users from malvertizing, but not a panacea. Cite: https://blogs.windows.com/msedgedev/2016/04/07/putting-users-in-control-of-flash/ By the way, have you updated Flash recently on your local computer? Please do so. You can check the version you have installed here.
Yes, really, and it has far more dangerous than it used to be (think ransomware): http://www.pandasecurity.com/mediacenter/family-safety/all-you-need-to-know-about-the-worrying-popularity-of-malvertising/
Cite: https://blog.malwarebytes.org/malvertising-2/2015/10/angler-exploit-kit-blasts-daily-mail-visitors-via-malvertising/ And, it was being displayed on the home page of the site. Affected users were exposed to the Angler Exploit Kit and from there Cryptowall ransomware.
Cite: https://nakedsecurity.sophos.com/2015/10/08/the-malicious-side-of-online-ads-how-unpatched-servers-hurt-us-all/ It’s hard to believe that an ad server could remain unpatched for *two years*. Laziness, pure and simple.
At first glance, it looks like a great idea. It won’t, however, make that much of a difference for its own ads. Google has been automatically converting a lot of Flash ads served via its network to HTML5 anyway, and I’m not sure how much safer HTML5 may prove to be, in the end.
Well worth reading, and sharing: http://www.anti-malvertising.com/
Details here: https://blog.malwarebytes.org/malvertising-2/2015/08/angler-exploit-kit-strikes-on-msn-com-via-malvertising-campaign/ “The incident occurred when people who where simply browsing MSN’s news, lifestyle or other portals were served with a malicious advertisement that silently loaded the Angler exploit kit and attempted to infect their computers.” “While we did not collect the malware payload associated with this campaign, we believe it is either Ad fraud or ransomware, Angler’s trademark.”
I’ve been watching the malvertizing scene for a very long time, and historically have (sometimes with some trepidation) said that advertising shouldn’t be blocked as a matter of course, because every worker is worth his wage, and there are very real implications for the future viability of websites if they cannot earn an income from […]
This would have got a STACK of people 🙁 https://blog.malwarebytes.org/news/2015/08/telstra-medias-homepage-pushes-malvertising/
I just saw the following when visiting the news.com.au website using a Windows 8.1 phone and an Australian IP. news.com.au is a very popular website in Australia, but I’m not set up at the moment for mobile site analysis, so feel free to take a look-see and report… It may be that the full site is affected […]