Trojan Extension Malware: 3-Year Campaign, 300k Infections
A multi-year campaign of malware extensions first infect browsers through malvertising and ultimately lead to data loss and arbitrary code execution.
A multi-year campaign of malware extensions first infect browsers through malvertising and ultimately lead to data loss and arbitrary code execution.
New browser-related threats targeting employees emerge almost daily. Recently, threat researchers uncovered a critical vulnerability known as ‘0.0.0.0 Day’, which reveals a significant gap in
Key points: Overview Keep Aware has observed phishing attacks that use legitimate domains to host links that eventually lead to a credential stealing web page.
Keep Aware has uncovered evidence that Google Looker Studio is being abused by bad actors to host intermediate phishing pages.
Cloudflare public R2 buckets are being abused to host phishing pages.
Keep Aware’s Threat Research function shares recent analysis of Canva’s platform abuse for phishing purposes.
An analysis of Microsoft Dynamics 365 standalone forms reveals that, in today’s browsing threat landscape, 1 in 5 forms are threats.
Key Topics and Findings: Overview In today’s interconnected world where practically all employees use the internet, the prevalence of security support scams and other social
Key Findings: Overview Keep Aware’s Threat Research division identified a recent batch of fraudulent Microsoft support sites. While these scam campaigns are not novel, they
Key Findings: Overview Keep Aware’s Threat Research team has identified a browser notifications hijacking campaign that impersonates a Russian-based distributed denial of service (DDoS) protection