Security News

A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of...

Because stealing your credentials, banking info, and IP just wasn’t enough A new variant of Snake Keylogger is making the rounds, primarily hitting Windows users across Asia and Europe. This...

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers...

An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East. Russian...

A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing...

In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. "The value of 'data,' as currency has increased exponentially among cybercriminals, and this is particularly true for SMBs, which tend to use one service or software application, per function, for their entire operation. For example, let's say attackers deploy an infostealer on their target's network to steal credentials and then get hold of the password for the company's accounting software. Attackers could then gain access to the targeted company's financials and have the ability to funnel funds into their own accounts," said Christopher Budd, director of Sophos X-Ops research at Sophos.

There's no date on the update, but as far as we can make out, LastPass just [2023-02-27] published a short document entitled Incident 2 - Additional details of the attack. As you probably remember, because the bad news broke just before the Christmas holiday season in December 2022, LastPass suffered what's known in the jargon as a lateral movement attack.

A novel phishing campaign is underway, targeting Greeks with phishing sites that mimic the state's official tax refund platform and steal credentials as they type them. The threat actors are sending phishing emails claiming that the Hellenic Tax Office has calculated a tax return amounting to 634 Euros but failed to send the funds to the beneficiary's bank account due to validation issues.

In lieu of malware, attackers can use ScanBox in conjunction with watering hole attacks. Adversaries load the malicious JavaScript onto a compromised website where the ScanBox acts as a keylogger snagging all of a user's typed activity on the infected watering hole website.

While most malicious e-mail campaigns use Word documents to hide and spread malware, a recently discovered campaign uses a malicious PDF file and a 22-year-old Office bug to propagate the Snake Keylogger malware, researchers have found. "While Office formats remain popular, this campaign shows how attackers are also using weaponized PDF documents to infect systems," HP Wolf Security researcher Patrick Schlapfer wrote in the post, which opined in the headline that "PDF Malware Is Not Yet Dead."Indeed, attackers using malicious email campaigns have preferred to package malware in Microsoft Office file formats, particularly Word and Excel, for the past decade, Schlapfer said.