The CERT-In: They are linked to Improper Access Control and allow a remote attacker to access meetings in stealth.
Greece victim of a phishing campaign with keylogger. Bleeping Computer cybersecurity experts: The decoy is an alleged tax refund. Through fake sites, the data entered by the user is stolen in real time
Greece has been hit by a new phishing campaign, more dangerous than usual: it incorporates a keylogger, which captures everything the user types. Bleeping Computer cybersecurity experts denounced it. The decoy is an email about an alleged tax refund, which points to a fake Athens Tax Agency website and where the potential victim has to enter their bank and login credentials to be able to receive the reimbursement. In reality, the user communicates his sensitive data to cyber criminals and does so in real time, thanks to the keylogger that immediately sends everything typed on the keyboard to the command and control server. As a result, threat actors can steal data even if the operation is not completed.