Secure Development of a Hooking-Based Deception Framework against Keylogging Techniques

Keyloggers remain a serious threat in modern cybersecurity, silently capturing user keystrokes to steal credentials and sensitive information. Traditional defenses focus mainly on detection and removal, which can halt malicious activity but do little to engage or mislead adversaries. In this pape...

Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers

Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, in a new analysis published last week, said it identified two different kinds of keylogger code...

AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware

Tenable Research reveals that AI chatbot DeepSeek R1 can be manipulated to generate keyloggers and ransomware code. While…...

Easy!Appointments 跨站脚本漏洞

Easy!Appointments is a web-based appointment and schedule management system. A cross-site scripting vulnerability exists in versions prior to Easy!Appointments 1.5.0, which can be exploited by an attacker to perform javascript injection, cookie theft, install javascript malware and keyloggers, an...

Websites that Collect Your Data as You Type

A surprising number of websites include JavaScript keyloggers that collect everything you type as you type it, not just when you submit a form. Researchers from KU Leuven, Radboud University, and University of Lausanne crawled and analyzed the top 100,000 websites, looking at scenarios in which a...

Thousands of Top Websites See What You Type—Before You Hit Submit

A surprising number of the top 100,000 websites effectively include keyloggers that covertly snag everything you type into a form...

A new rootkit comes to an ATM near you

Its not unusual to hear about malware created to affect automated teller machines ATMs. Malware can be planted at the ATMs PC or its network, or attackers could launch a Man-in-the-Middle MiTM attack. Recently, a new rootkit, which the Mandiant Advanced Practices team have named CAKETAP, was foun...

Cybercrooks Frame Targets by Planting Fabricated Digital Evidence

Threat actors are hijacking the devices of India’s human rights lawyers, activists and defenders, planting incriminating evidence to set them up for arrest, researchers warn. The actor, dubbed ModifiedElephant, has been at it for at least 10 years, and it’s still active. It’s been shafting target...

PowerPoint 2003/2007/2010 Silent Builder Exploit

The exploit allows you to convert EXE & JAR to .PPS its coded 100% from scratch and used by private method to assure a great stability and lasting FUD time. You are able to attach it to the most e-mail providers nowadays everyone uses Microsoft Office so it gives a huge chance of success. This...

Brute force attacks increase due to more open RDP ports

While leaving your back door open while you are working from home may be something you do without giving it a second thought, having unnecessary ports open on your computer is a security risk that is sometimes underestimated. Thats because an open port can be subject to brute force attacks. What...

KITT-Lite - Python-Based Pentesting CLI Tool

The KITT Penetration Testing Framework was developed as an open source solution for pentesters and programmers alike to compile the tools they use with what they know into an open source project. With KITT, users are able to easily access a list of commonly used tools to their profession which ar...

TAU Threat Analysis: NetWire Variant Leveraging AutoIt Scripts and Windows Shortcut Links

NetWire, an information stealing RAT that dates back multiple years, has been witnessed in the wild recently using a tactic of combining Windows shortcut link files and AutoIt scripts. These scripts pose as BitTorrent files, a protocol used for direct peer-to-peer file transfers, to entrench and...

Activities of a Nigerian Cybercriminal Uncovered

Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...

CQTools - The New Ultimate Windows Hacking Toolkit

CQURE Team has prepared tools used during penetration testing and packed those in a toolkit named CQTools. This toolkit allows to deliver complete attacks within the infrastructure, starting with sniffing and spoofing activities, going through information extraction, password extraction, custom...

Sophisticated 'TajMahal APT Framework' Remained Undetected for 5 Years

Cybersecurity researchers yesterday unveiled the existence of a highly sophisticated spyware framework that has been in operation for at least last 5 years—but remained undetected until recently. DubbedTajMahal by researchers at Kaspersky Lab, the APT framework is a high-tech modular-based malwar...

Meet ‘TajMahal,’ A New and Highly Advanced APT Framework

SINGAPORE – Researchers at Kaspersky Lab have discovered a new, highly sophisticated advanced persistent threat APT framework targeting a single Central Asian diplomatic agency. Malware samples associated with the APT reveal a complex never-before-seen code base, making it extremely hard to detec...

Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration

UPDATE An extremely high number of keylogger phishing campaigns have been seen tied to the Zoho online office suite software; in an analysis, a full 40 percent spotted in the last month used a zoho.com or zoho.eu email address to exfiltrate data from victim machines. A Cofense analysis, published...

China-Linked APT15 Used Myriad of New Tools To Hack UK Government Contractor

CANCUN, Mexico – Researchers at NCC Group have discovered multiple backdoors on a UK government contractor’s computer systems designed to steal sensitive government and military data. The hack is tied to China-linked cyber espionage group APT15, which researchers said is utilizing many new tools ...

Phishing Biggest Threat to Google Account Security

Last year may have been mostly about ransomware, but it’s difficult to forget the billion or so passwords that were spilled in high-profile breaches and credential leaks. Google and researchers from the University of California Berkeley attempted to ease some of that pain, and teamed up to analyz...

AutoIt Scripting Used By Overlay Malware to Bypass AV Detection

IBM’s X-Force Research team reports hackers attacking Brazilian banks are using the Windows scripting tool called AutoIt to install a remote access Trojan RAT capable of hijacking browser-based banking sessions. The use of AutoIt, researchers said, reduces the likelihood of antivirus detection...