Threat Actors Leverage SEO Poisoning and Malicious Ads to Distribute Backdoored Microsoft Teams Installers

A new campaign is distributing the Oyster (Broomstick) backdoor through trojanized Microsoft Teams installers. Threat actors are using SEO poisoning and malvertising to trick users into downloading fake installers from spoofed websites. The malicious installers deploy a persistent backdoor that enables remote access, gathers system information, and supports additional payload delivery while evading detection. This tactic mirrors earlier fake PuTTY campaigns, showing a trend of abusing trusted software for initial access. The backdoor communicates with attacker-controlled C2 domains and uses DLL sideloading via rundll32.exe for stealthy execution. Organizations are advised to download software only from verified sources and avoid relying on search engine advertisements.

Pulse ID: 68de52ef382d67c8bdc97094
Pulse Link: https://otx.alienvault.com/pulse/68de52ef382d67c8bdc97094
Pulse Author: AlienVault
Created: 2025-10-02 10:24:47

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #InfoSec #MaliciousAds #Malvertising #Microsoft #MicrosoftTeams #OTX #OpenThreatExchange #RCE #Rust #SEOPoisoning #SideLoading #Trojan #Troll #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

🚨 Big change coming to Android 🚨

Google is rolling out Developer Verification — every app on certified devices must be tied to a verified ID.

Google says it’s about stopping scams. Critics say it could kill alt stores like F-Droid and choke indie devs.

Security or control?

https://dropletdrift.com/google-developer-verification-is-about-safety/

#Android #Google #FOSS #Apps #OpenSource #Privacy #Security #Developers #Tech #Software #Mobile #BigTech #Competition #Monopoly #Freedom #DigitalRights #Sideloading #PlayStore #Regulation

Google: developer verification is about safety - DropletDrift

Google has published a Q&A that tries to calm a developer community worried about its new identity requirement for anyone who wants their Android apps to install on certified devices. The company frames “developer verification” as a simple idea. If you install an app, your phone should know that the person behind it is who […]

DropletDrift
Google clarifies: Sideloading on Android will remain | heise online
https://heise.de/-10688904 #Android #Sideloading #FDroid

Planned new security feature in the Edge browser

On Thursday, a new update for the Edge browser appeared in the Microsoft 365 roadmap, with rollout planned for November 2025. The new security feature is meant to protect users from malicious extensions installed manually (so-called sideloading). Edge allows developers to install extensions locally for testing before publishing them in the Microsoft Edge Add-ons store. This...

#WBiegu #Aktualizacja #Awareness #Edge #Microsoft #Rozszerzenia #SideLoading

https://sekurak.pl/planowana-nowa-funkcja-bezpieczenstwa-w-przegladarce-edge/


Sekurak
If Google is killing sideloading, then Android is just iOS with ads and spyware. Why the hell would anyone choose that?
https://fireborn.mataroa.blog/blog/why-the-hell-does-android-even-exist-anymore/
#Android #Google #Sideloading #FOSS #Privacy #accessibility
Why the Hell Does Android Even Exist Anymore? — fireborn

top gaslighting from Google - and not addressing the original F-Droid concerns.

in a way, this approach is even worse than Apple because at least Apple doesn't pretend to care about openness of a system.

https://android-developers.googleblog.com/2025/09/lets-talk-security-answering-your-top.html

#Privacy #Android #Google #FDroid #Sideloading

Let's talk security: Answering your top questions about Android developer verification

News and insights on the Android platform, developer tools, and events.

Android Developers Blog

This is turning out to be one of the worst moves that Android has ever made.

F-Droid says Google’s new sideloading restrictions will kill the project

https://arstechnica.com/gadgets/2025/09/f-droid-calls-for-regulators-to-stop-googles-crackdown-on-sideloading/

#FDroid #Google #Sideloading #Android #OpenSource #Tech

F-Droid and Google's Developer Registration Decree | F-Droid - Free and Open Source Android App Repository

For the past 15 years, F-Droid has provided a safe and secure haven for Android users around the world to find and install free and open source apps. When cont...

4/7 If you own a computer, you should have the unquestionable right to run the programs you want on it. Google’s attempt to strip this right is as absurd as forcing writers to register with a central authority before publishing. It’s an assault on free expression and innovation.

#BigTech #Sideloading #UserFreedom

F-Droid accuses Google of undermining digital freedom with its new anti-sideloading policy. Free software is under pressure. #FDroid #Google #Sideloading #Antitrust #OpenSource

https://www.linuxeasy.org/f-droid-contro-google-android/?utm_source=mastodon&utm_medium=jetpack_social

F-Droid versus Google: the freedom to install apps is at risk

F-Droid harshly criticizes Google's new anti-sideloading policy, denouncing a threat to digital freedom and calling for antitrust intervention.

Linux Easy