Connect with us

Published

1 year ago

on

Hackers are increasingly using online ads for malicious purposes. Often, it’s happening through routine Google searches.

These schemes are dubbed malvertising, and cyber criminals are striking more often and with increased sophistication. In fall 2023, cybersecurity software firm Malwarebytes tracked a 42% increase month-over-month in malvertising incidents in the U.S. All types of brands are being targeted, whether it’s for phishing purposes or for actual malware, said Jérôme Segura, senior director of research at Malwarebytes. “What I’m seeing is just the tip of the iceberg,” he said.

Many of these rogue ads appear as sponsored content during a search engine query on a desktop or mobile device. But malicious code can also be hidden in ads that appear on mainstream websites consumers routinely visit. Some of these ads will only ensnare consumers who click on them, but in some cases, people can be vulnerable in a more passive way — sometimes just by visiting an infected site, said Erich Kron, security awareness advocate for KnowBe4, a security awareness and training company. 

Corporate employees can also be targets of malvertising, Segura said. He cited a few actual examples that were recently uncovered involving big companies. Lowe’s staff members were targeted via a Google ad for an employee portal claiming to be associated with the retailer. Clicking on the link, “myloveslife.net,” which contains a misspelling of the company’s name, took users to a phishing page with Lowe’s logo. This had the potential to confuse employees since many don’t know offhand the URL for their internal website. “You see the brand, even the official logo of that brand, and for you it’s enough to think it’s real,” Segura said.

Segura also cited an ad meant to impersonate Salesforce-owned communication tool Slack. Initially, by clicking on the ad, he was redirected to a price page on Slack’s official website. But suspecting bad actors were at play, Segura dug deeper and uncovered an impersonation ploy, which involved trying to convince unsuspecting users to download something purporting to be the Slack app.

It’s not Google’s fault, but don’t trust it

Malvertising is not new, but cybercriminals are getting smarter and the ads are often so realistic that it’s easy to be duped. The problem is exacerbated by the fact that so many people use and trust Google as a search engine, where many of the malicious ads can be found. It’s not a problem with Google, per se; malicious ads can also show up in queries using other search engines like Microsoft’s Bing. It’s just that Google is such a widely used search engine and people trust it and let their guard down. “You see something appearing on a Google search, you kind of assume it is something valid,” said Stuart Madnick, professor of information technology at MIT Sloan School of Management. 

Consumers can also fall prey to malicious ads on trusted websites they visit regularly.  Many of these ads are legitimate, but some bad ones can slip through the cracks. “It’s like the post office. Does the mailman check every letter you get to make sure it’s really from Publishers Clearing House?” Madnick said.

Be very careful about where and when you click

Consumers can take steps to protect themselves against malvertising attempts. For instance, they should avoid clicking on sponsored links that come up during an internet search. Often, the first ad below the sponsored one will be the product they are looking for, and since it isn’t sponsored, there’s less chance of being sidelined by malicious code or a phishing attempt.

If you do click on a sponsored link, check the URL at the top of the web page to make sure it’s really where you meant to be before taking any other actions. For example, if you’re trying to visit Gap.com, make sure you’re not really on Gaps.com. Consumers who find themselves on a suspicious site should close the window immediately, said Avinash Collis, assistant professor at Carnegie Mellon University’s Heinz College. In most cases, this will avoid further trouble, he said.

Consumers also need to be careful about clicking ads they see on trusted websites, Kron said. They may, for instance, see ads for products that are much lower in cost than elsewhere. But Kron recommends not clicking and instead visiting the trusted website of the product seller. Most of the time, consumers will be able to search on the provider’s site if a special deal exists, or the deal will be highlighted on the main page of the trusted website, he said.

Also avoid calling a telephone number listed in a sponsored ad because it could be a fake telephone number. If you call it, cyber thieves could gain access to your computer or your personal information, depending on the scheme, said Chris Pierson, CEO of BlackCloak, a cybersecurity and privacy platform that provides digital executive protection for corporate executives.

Consumers should make sure they are calling a number from official product documentation they have in their possession, Pierson said. Alternatively, consumers could visit the company’s home page for this information. “Doing a [web] search could return results that are not sponsored by the company and telephone numbers that are associated with cybercriminals. All it takes to get an ad out there is money and, of course, cybercriminals that are stealing money, have the ability to pay for that bait,” Pierson said. 

Avoid ‘drive-by-downloads’

Consumers should also make sure the operating system and internet browsers are up-to-date on their computer and mobile phone. 

So-called drive-by-downloads, which can impact people who merely visit a website infected with malicious codes, generally rely on a vulnerability in the user’s browser. This is not as much of a threat for people who keep their browsers and browser extensions up-to-date, Kron said. 

Consumers could also consider installing anti-malware software on their computer and phone. Another option is to avoid ads by installing an ad blocker extension such as uBlock Origin, a free and open-source browser extension for content filtering, including ad blocking. Some consumers may also opt to install a privacy browser such as Aloha, Brave, DuckDuckGo or Ghostery on their personal devices. Many privacy browsers have embedded ad blockers; consumers may still see sponsored ads, but they will see fewer of them, which minimizes the chances of malvertising. 

Consumers who come across suspicious ads should report them to the applicable search engine for investigation and removal if deemed malicious, Collis said. This can help protect other people from being ensnared. 

Proper safety precautions are especially important since there are millions of ads on the internet and cyber thieves are relentless. “You should assume that this could happen to you no matter how careful you are,” Madnick said.

Related Topics:
Continue Reading

Technology

AI defense booms in UK and Germany as new wave of billion-dollar startups emerge

Published

12 mins ago

on

December 11, 2025

By

AI defense booms in UK and Germany as new wave of billion-dollar startups emerge

The U.K. and Germany are emerging as key hubs for a new wave of AI defense startups, as Europe scrambles to rearm amid rising geopolitical tensions. 

Private funding for defense startups across the region has ramped up in recent years, with investors looking to tap into increasing government military budgets, driven by the ongoing Russia-Ukraine war and pressure from the Trump administration.

But it’s ecosystems in the U.K. and Germany that are seeing the most activity. The majority of the biggest rounds across the sector have been for startups based in those two countries, with both emerging as key launchpads into new markets and battlefield training.

David Ordonez, senior associate at NATO Innovation Fund, told CNBC that this was “thanks to the scientific expertise of their talent base, national commitments to treat this sector as an economic engine for growth and a manufacturing base that enables the rapid scaling of breakthrough innovation.”

‘Visible pathways to procurement’

Venture capital for European defense startups has spiked as members of the NATO military alliance have agreed to increase security spending to 5% of gross domestic product, and defense departments in London and Berlin have increasingly signaled a willingness to adopt new technology built by younger players in the market.

Investors, buoyed by the promise of commercial deals, have funneled a record $4.3 billion into the sector since the start of 2022, according to Dealroom — nearly four times the funds deployed in the previous four years.

Germany’s AI drone makers Helsing and Quantum Systems hit valuations of 12 and 3 billion euros this year, respectively, after rounds worth hundreds of millions of euros. In the U.K., manufacturing platform PhysicsX, which works with defense companies, raised $155 million this year, and missile interception startup Cambridge Aerospace reportedly picked up a $100 million round in August.

The U.K. government’s Strategic Defence Review in June proposed boosting spending on novel tech and streamlining procurement processes, as well as unveiling a £5 billion tech investment package.

“We see a system increasingly open to non-traditional primes, supported by wider investment in skills and technology,” Karl Brew, head of defense at Portuguese-U.K. drone startup Tekever, told CNBC. 

Tekever, which became a unicorn this year, announced a major contract to supply uncrewed aerial systems to the Royal Air Force in May. Helsing has several contracts with the U.K. government, and U.S.-based Anduril signed a £30 million contract for its attack drones in March.

Tekever’s AR3 EVO drone undergoing pre-flight checks prior to being launched. Credit: Tekever

Germany announced its defense spending would rise to upwards of 100 billion euros — a record figure since the German reunification — from 2026, and also changed procurement processes to make it easier for startups to participate.

While most European governments have ramped up defense spending, Germany stands out as having “visible pathways from prototype to major procurement [for startups] that many other European markets still do not provide,” Meghan Welch, managing director at financial advisory firm BGL, told CNBC. 

Helsing and attack drone startup Stark are both in line to win a contract for kamikaze drones, the Financial Times reported in October. Helsing and Stark declined to comment to CNBC about this.

Legacy infrastructure

Germany’s industrial heritage has also created talent pipelines and infrastructure that startups are tapping into.

“Germany has the industrial base, the infrastructure and the technical talent to produce the next-generation technologies NATO urgently needs,” Philip Lockwood, international managing director of Stark, told CNBC.

Founded in 2024, Stark is building attack and reconnaissance drones and has raised $100 million from investors, including Sequoia Capital, Peter Thiel’s Thiel Capital, and the NATO Innovation Fund.

Stark’s Virtus drone

“Many of Europe’s best engineers developed their expertise in Germany’s industrial and technological sectors, which have long led in hardware, software, manufacturing and supply-chain resilience,” Lockwood said.

The U.K.’s broader ecosystem is also a decisive factor in its appeal as a defense base, said Tekever’s Brew. “It brings together world-class universities and R&D centres with a dense network of aerospace, software and advanced-manufacturing suppliers,” he said.

Launchpads

Another key driver of defense tech in the U.K. and Germany is that both countries serve as launchpads into new markets or frontline training. 

The U.K. has had a security and defense partnership with Australia and the U.S. since 2021, known as AUKUS, which has lifted certain export controls and restrictions on technology sharing between the nations.

“As part of AUKUS, the move into the UK was a natural entry point into Europe,” Rich Drake, managing director at Anduril UK, told CNBC.

Alongside signing contracts totalling nearly £30 million for its attack drones earlier this year, Anduril also has plans to open a new manufacturing and R&D facility in the UK.

Anduril UK’s Seabed Sentry. Credit: Anduril UK

“[AUKUS] allows us to work with the MOD [Ministry of Defence], align on operational needs and accelerate the deployment of leading autonomous systems in a context where trust, shared priorities and strategic alignment matter as much as technology,” Drake said.

U.S. defense startups looking to sell into European markets have also often chosen London as a base from which to expand across the region. Second Front Systems and Applied Intuition expanded into the country in 2023 and 2025, respectively.

“Given the history of the special relationship between the US and the UK, the UK serves as an excellent launching pad into the rest of the European market,” said Enrique Oti, chief strategy officer at Second Front Systems.

The U.K. can also serve as a base for European defense startups with global ambitions, added Dmitrii Ponomarev, product manager at VanEck.

“In practice the UK is becoming the interoperability testbed and politically acceptable landing zone for tech flowing in both directions,” Ponomarev told CNBC.

“If you can win a pilot with UK forces, comply with UK/US-aligned security and export regimes and operate in English with UK industrial and legal standards, you look much more ready to US primes, Department of War programs and AUKUS-related efforts.”

In 2025, some of Europe’s best-funded defense startups, including Helsing, Quantum Systems and Stark, announced factories, offices, or investments in the country.

Further east, Germany’s role as one of the largest donors of military aid to Ukraine has given the country’s startups a “front row seat for battlefield feedback,” said Ponomarev.

Quantum Systems has deployed its reconnaissance tech in Ukraine and Helsing announced in February it would produce thousands of strike drones for the country.

Why private investors are pouring billions into Europe's defense tech sector

Despite the advances, analysts, investors and startup execs all caution there’s more work to be done to create the conditions for building global defense startups in the UK and Germany. 

“Scaling remains difficult without continued political and procurement reform,” Ponomarev told CNBC.

“The UK still struggles with slow procurement cycles, clearance bottlenecks and a shortage of security-approved technical talent,” he added. Germany’s biggest obstacles are bureaucracy, strict export controls and heavy dependence on a single customer — the country’s armed forces, Ponomarev added.

BLG’s Welch said the winners of Europe’s AI defense boom “are likely to be companies that can master both the political economy, including export rules, alliances and public narratives, and the technology race, positioning themselves as enablers of national sovereignty rather than disruptors of it.”

Continue Reading

Technology

CNBC Daily Open: Much to like in Fed’s meeting amid warnings of restraint

Published

2 hours ago

on

December 11, 2025

By

CNBC Daily Open: Much to like in Fed's meeting amid warnings of restraint

Federal Reserve Chair Jerome Powell speaks during a press conference following the Federal Open Markets Committee meeting at the Federal Reserve on Dec. 10, 2025 in Washington, DC.

Chip Somodevilla | Getty Images

It ended up being a “hawkish cut,” as expected. Still, investors managed to find a few gifts tucked between the lumps of coal.

Even though the U.S. Federal Reserve lowered interest rates by a quarter percentage point on Wednesday stateside, two regional bank presidents — Jeffrey Schmid of Kansas City and Austan Goolsbee of Chicago — wanted rates to stand pat.

Their caution was echoed in the Fed’s “dot plot” of rate projection, which showed officials penciling in just one cut in 2026 and another for 2027.

Even the Fed’s rate statement was repurposed from the December 2024 meeting, which ushered in a nine-month period without cuts until September this year.

Why, then, did U.S. markets rise after the meeting?

The biggest surprise was the Fed’s announcement that it would begin purchasing $40 billion in Treasury bills, starting Friday. That move increases the money supply in the economy. In other words, it’s a stealthy way to ease conditions, which helps support financial markets.

Next, Chair Jerome Powell dismissed speculation about future hikes.

“I don’t think that a rate hike … is anybody’s base case at this point,” Powell said. “I’m not hearing that.”

Fed officials also see the U.S economy as remaining resilient. Collectively, they increased their forecast for economic expansion in 2026 to 2.3% from an earlier estimate of 1.8% in September.

“We have an extraordinary economy,” said Powell.

And the markets may be setting up for an extraordinary finish to the year.

“The last interest rate decision of 2025 has essentially paved the way for a Santa Claus rally to end the year, and the S&P 500 is poised to exceed the 7,000 milestone in the next few weeks,” said José Torres, senior economist at Interactive Brokers.

For investors, that would count as a very decent Christmas surprise.

— CNBC’s Jeff Cox contributed to this report.

What you need to know today

And finally…

Anduril flies its unmanned drone YFQ-44A for the first time at an unspecified location in California, U.S., Oct. 31, 2025 in this handout image.

Anduril | Via Reuters

AI defense booms in UK and Germany as new wave of billion-dollar startups emerge

Venture capital for European defense startups has spiked as members of the NATO military alliance have agreed to increase security spending to 5% of gross domestic product. Additionally, defense departments in London and Berlin have increasingly signaled a willingness to adopt new technology built by younger players in the market.

Investors, buoyed by the promise of commercial deals, have funneled a record $4.3 billion into the sector since the start of 2022, according to Dealroom — nearly four times the funds deployed in the previous four years.

— Kai Nicol-Schwarz

Continue Reading

Technology

Over $50 billion in under 24 hours: Why Big Tech is doubling down on investing in India

Published

4 hours ago

on

December 11, 2025

By

Over billion in under 24 hours: Why Big Tech is doubling down on investing in India

A slogan related to Artificial Intelligence (AI) is displayed on a screen in Intel pavilion, during the 54th annual meeting of the World Economic Forum in Davos, Switzerland, January 16, 2024. 

Denis Balibouse | Reuters

Big Tech is doubling down on investing billions in India, drawn by its abundance of resources for building data centers, a large talent and digital user pool, and market opportunity.

In under 24 hours, Microsoft and Amazon pledged more than $50 billion toward India’s cloud and AI infrastructure, while Intel on Monday announced plans to make chips in the country to capitalize on its growing PC demand and speedy AI adoption.

While India trails the U.S. and China in the race to develop a native AI foundational model, and lacks a large domestic AI infrastructure company, it wants to leverage its expertise in the information technology sector to create and deploy AI applications at enterprise level, also offering Big Tech companies a huge opportunity.

Having a model or computing is not enough for any enterprise to use AI effectively, and it requires companies making application layer and a large talent pool to deploy them, S. Krishnan, secretary at India’s Ministry of Electronics and Information Technology, told CNBC.

Stanford University ranks India among the top four countries along with the U.S., China and the UK in the global and national AI vibrancy ranking. GitHub, a community of developers, has ranked India at the top with the global share of 24% of all projects.

India’s opportunity lies more in “developing applications” which will be used to drive revenues for AI companies, Krishnan said.

On Tuesday, Microsoft announced $17.5 billion in investment in the country, spread over 4 years, aimed at expanding hyperscale infrastructure, embedding AI into national platforms, and advancing workforce readiness.

“This scale of capex gives Microsoft first‑mover advantage in GPU‑rich data centers while making Azure the preferred platform for India’s AI workloads, as well as deepening alignment with the government’s AI public infrastructure push,” said Tarun Pathak, research Director at Counterpoint Research. 

Amazon on Wednesday announced plans to invest over $35 billion, on top of the $40 billion it has already invested in the country.

Over the past few months, AI and tech majors such as OpenAI, Google, and Perplexity have offered their tools for free to millions in India, with Google also firming up its plans to invest $15 billion toward building data center capacity for a new AI hub in southern India.

“India combines a huge digital user base, rapidly growing cloud and AI demand, and a high-talent IT ecosystem that can build and consume AI at scale, making it more than just a market for users and instead a core engineering and deployment hub,” Pathak said.

Data center opportunity

India has several advantages when it comes to building data centers. Markets such as Japan, Australia, China and Singapore in the Asia Pacific region have matured. Singapore, one of the oldest data center hubs in the region, has limited room to deploy large-scale data centers due to land availability issues.

India has abundant space for large-scale data center developments. When compared with data center hubs in Europe, power costs in India are relatively low. Coupled with India’s growing renewable energy capacity — critical for power-hungry data centers — and the economics begin to look compelling.

Local demand, fueled by the rise of e-commerce — a major driver of data center growth in recent years — and potential new rules for storing social media data, strengthens the case.

Put simply: India is entering a sweet spot where global cloud providers, AI players, and domestic digitalization all converge to create one of the world’s hottest data center markets.

“India is a pivotal market and one of the fastest‑growing regions for AI spending in Asia Pacific,” said Deepika Giri, associate vice president and head of research, big data & AI, at International Data Corporation.

“A major gap, and therefore a significant opportunity, lies in the shortage of suitable compute infrastructure for running AI models,” she added. Big Tech is looking to capitalize on the infrastructure opportunity in India by investing heavily in the cloud and data center space.

Global companies are expanding capacities closer to service bases in IT cities such as Bangalore, Hyderabad and Pune from traditional centers like Mumbai and Chennai which are closer to landing cables, as they build data centers in India for the world, Krishnan said.

— CNBC’s Dylan Butts, Amitoj Singh contributed to this report. 

Continue Reading

Trending