New Venom Stealer MaaS Platform Automates Continuous Data Theft
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1041 — Exfiltration Over C2 Channel (Exfiltration)
Clear filter74 articles found
ChatGPT Security Issue Enabled Data Theft via Single Prompt
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secure...
23rd March – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 23rd March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Navia Ben...
Security Flaw in AWS Bedrock Code Interpreter Raises Alarms
DNS-based attack in AWS Bedrock AgentCore lets AI sandboxes exfiltrate cloud data
FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise
FortiGate SSO flaws allows attackers to steal configs, abuse AD creds, deploy RMM tools, and exfiltrate NTDS files.
Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns
Exploit kit "Coruna" targets iPhones running iOS 13.0 to 17.
Unmasking Agent Tesla: A Deep Dive into a Multi-Stage Campaign
FortiGuard Labs provides a technical breakdown of a multi-stage Agent Tesla campaign, from phishing and encrypted scripts to in-memory execution, process hol...
Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft
Introduction Mandiant has identified an expansion in threat activity that uses tactics, techniques, and procedures (TTPs) consistent with prior ShinyHunters-...
Guidance from the Frontlines: Proactive Defense Against ShinyHunters-Branded Data Theft Targeting SaaS
Introduction Mandiant is tracking a significant expansion and escalation in the operations of threat clusters associated with ShinyHunters-branded extortion.
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
Written by: Austin Larsen, Matt Lin, Tyler McLellan, Omar ElAhdan Update (August 28) Based on new information identified by GTIG, the scope of this compromis...
Inline Style Exfiltration: leaking data with chained CSS conditionals
I discovered how to use CSS to steal attribute data without selectors and stylesheet imports! This means you can now exploit CSS injection via style attributes!
Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to dissem...
Blind CSS Exfiltration: exfiltrate unknown web pages
This is a gif of the exfiltration process (We've increased the speed so you're not waiting around for 1 minute). Read on to discover how this works.