Executive Summary FortiGuard Labs has identified a new variant of Snake Keylogger, also known as 404 Keylogger, which has been responsible for over 280 million blocked infection attempts worldwide. This malware is designed to steal sensitive credentials by logging keystrokes, accessing browser-stored passwords, and exfiltrating data through SMTP and Telegram bots; targeting Windows users primarily located in…
Read More
Executive Summary A recent investigation by Sucuri uncovered a sophisticated credit card skimmer on a Magento-based eCommerce website, leveraging Google Tag Manager (GTM) to inject malicious JavaScript and steal payment details. The malware was hidden within the cms_block.content database table, allowing attackers to discreetly intercept checkout page transactions. Further analysis by Sucuri revealed a backdoor in the…
Read More
Executive Summary In early December 2024, Arctic Wolf Labs identified a sophisticated cyberattack campaign targeting Fortinet FortiGate firewall devices. Unidentified threat actors exploited a suspected zero-day vulnerability to gain unauthorized access to the devices’ management interfaces, allowing them to alter firewall configurations and extract credentials using DCSync. Community Impact A successful compromise of FortiGate firewalls in this…
Read More
Executive Summary A sophisticated credit card skimmer malware has been discovered targeting WordPress websites, stealthily injecting malicious JavaScript into the site’s database to steal sensitive payment information. This skimmer, designated malware.magento_shoplift.273 by Securi, specifically activates on checkout pages, either by hijacking legitimate payment fields or injecting fake credit card forms. The stolen data, including credit card…
Read More
Executive Summary Black Basta, according to a new report from SOCRadar, has advanced its tactics by combining new social engineering tactics, malware such as Zbot and DarkGate, and custom tools to infiltrate and compromise targeted networks. With global impact across multiple critical sectors, the group’s innovative methods emphasize the critical need for layered security measures and…
Read More
