Tax refund phish logs keystrokes to swipe personal details

Categories: News

Tags: tax refund

Tags: phish

Tags: phishing

Tags: scam

Tags: greece

Tags: greek

Tags: javascript

Tags: keylogger

The phishing mails rely on that time-honoured tradition of bogus tax returns and non-existent refunds.

(Read more…)

The post Tax refund phish logs keystrokes to swipe personal details appeared first on Malwarebytes Labs.

Read more

TikTok vulnerability could have allowed hijackers to take over accounts

Categories: News

Tags: Exploit

Tags: vulnerability

Tags: Tik-Tok

Tags: Microsoft

Tags: JavaScript

We take a look at a TikTok exploit discovered by Microsoft and passed on to the social media giant to have fixed.

(Read more…)

The post TikTok vulnerability could have allowed hijackers to take over accounts appeared first on Malwarebytes Labs.

Read more

Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately!

Credit to Author: Christopher Boyd| Date: Tue, 19 Jul 2022 12:07:10 +0000

We take a look at a WordPress plugin, abandoned and open to JavaScript related exploitation. Uninstall it now!

The post Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately! appeared first on Malwarebytes Labs.

Read more

Fake reCAPTCHA forms dupe users via compromised WordPress sites

Credit to Author: Pieter Arntz| Date: Mon, 16 May 2022 11:54:12 +0000

Threat actors have launched a new campaign that starts with compromised WordPress sites and leads to fake reCAPTCHA sites designed to get visitors to accept web push notifications.

The post Fake reCAPTCHA forms dupe users via compromised WordPress sites appeared first on Malwarebytes Labs.

Read more

Multi-Staged JSOutProx RAT Targets Indian Co-operative Banks and Finance Companies

Credit to Author: Sameer Patil| Date: Thu, 21 Oct 2021 12:38:32 +0000

  Quick Heal Security Labs has been monitoring various attack campaigns using JSOutProx RAT against different SMBs in…

The post Multi-Staged JSOutProx RAT Targets Indian Co-operative Banks and Finance Companies appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Read more

Rocket Loader skimmer impersonates CloudFlare library in clever scheme

Credit to Author: Jérôme Segura| Date: Tue, 10 Mar 2020 15:46:13 +0000

URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level.

Categories:

Tags:

(Read more…)

The post Rocket Loader skimmer impersonates CloudFlare library in clever scheme appeared first on Malwarebytes Labs.

Read more

Domen toolkit gets back to work with new malvertising campaign

Credit to Author: Threat Intelligence Team| Date: Fri, 28 Feb 2020 17:54:18 +0000

We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.

Categories:

Tags:

(Read more…)

The post Domen toolkit gets back to work with new malvertising campaign appeared first on Malwarebytes Labs.

Read more

Magecart Group 4: A link with Cobalt Group?

Credit to Author: Threat Intelligence Team| Date: Thu, 03 Oct 2019 15:00:00 +0000

Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Categories:

Tags:

(Read more…)

The post Magecart Group 4: A link with Cobalt Group? appeared first on Malwarebytes Labs.

Read more