Vidar Infostealer Back with a Vengeance
The pervasive Vidar infostealer has evolved with a suite of new evasion techniques and covert data exfiltration methods, according to researchers.
Stay informed on data exfiltration threats. Protect sensitive information with the latest news and expert insights on prevention and response strategies.
Search across headline titles and summaries.
Background for this topic.
Data exfiltration is the covert or unauthorized transfer of sensitive information from an organization’s internal systems to an external destination controlled by an attacker. This technique often targets intellectual property, personal data, or credentials and can be executed via malware, compromised insiders, or misconfigured cloud services. Attackers may use encrypted channels, steganography, or legitimate protocols to evade detection.
Effective defense focuses on limiting data access through strict permissions, monitoring network traffic for unusual outbound flows, and deploying data loss prevention (DLP) tools that identify and block suspicious transfers. Endpoint detection and response (EDR) solutions can detect anomalous processes attempting exfiltration. Understanding typical data flows and establishing baseline behavior is crucial to spotting deviations that indicate exfiltration attempts.
Weekly headline count for the current query.
The pervasive Vidar infostealer has evolved with a suite of new evasion techniques and covert data exfiltration methods, according to researchers.
The notorious Russian state-sponsored hacking unit, also known as Fancy Bear, is abusing Microsoft Outlook for covert data exfiltration.
Data exfiltration was the most common malware in Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable information, credentials, and API tokens.
Researchers at Aim Security disclosed a Microsoft Copilot vulnerability of critical severity this week that could have enabled sensitive data exfiltration via prompt injection attacks.
CeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers say.
The gang's time from initial access to draining data out of a Veeam server is shockingly fast; after which the attackers went on to deploy actual ransomware in less than a day.
The CE giant released its investigative findings regarding a March cyberattack that resulted in data exfiltration affecting its Japanese operations.
The more sensitive data an organization collects, the more at risk it is to a cyberattack. Here's how to limit the damage.
The Arid Viper APT group is deploying AridSpy malware with Trojanized messaging applications and second-stage data exfiltration.
MacOS data exfiltration malware poses as an update for Visual Studio code editor.
The previously undocumented data exfiltration malware was part of a successful cyber-espionage campaign against the Guyanese government, likely by the Chinese.
"Bruggling" emerges as a novel technique for pilfering data out from a compromised environment — or for sneaking in malicious code and attack tools.
Titaniam’s ‘State of Data Exfiltration & Extortion Report’ also finds that while over 70% of organizations had heavy investments in prevention, detection, and backup solutions, the majority of victims ended up giving into attackers' demands.
An unauthenticated remote code execution vulnerability found in Zoho’s compliance tool could leave organizations exposed to an information disclosure catastrophe, new analysis shows.
IceApple's 18 separate modules include those for data exfiltration, credential harvesting, and file and directory deletion, CrowdStrike warns.