Collaborate Disseminate
Assume we have a webpage with sensitive data. The page uses a marketing partner advertisingpartner.com which collects data via third-party cookies in a foreign iframe. We have applied a relatively strict CSP:
connect-src ‘… Continue reading Content Security Policy: postMessage into foreign iframe
Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage. Ransomware, for example, usually has no interest in exfiltratin… Continue reading The MITRE ATT&CK Framework: Exfiltration
Let’s say I have one offline computer with some important data, and one online computer. Sometimes I need to move files from the offline computer to the online one. When I transfer those files, is there a risk that a virus wo… Continue reading How to prevent a virus from stealing data when I transfer files between offline and online computers?
Powershell-RAT is a Python-based Gmail exfiltration RAT that can be used a Windows backdoor to send screenshots or other data as an e-mail attachment.
This RAT will help you during red team engagements to backdoor any Windows machines. It tracks the u… Continue reading Powershell-RAT – Gmail Exfiltration RAT
The low-cost malware lowers the barrier of entry for carrying out advanced data exfiltration. Continue reading Nocturnal Stealer Lets Low-Skilled Cybercrooks Harvest Sensitive Info
The published examples for exploiting the EFAIL email encryption vulnerability all appear to use HTML to create a backchannel for exfiltrating decrypted data.
However, the homepage of EFAIL, https://efail.de/ , claims:
S… Continue reading What are the EFAIL "backchannels in email clients not related to HTML"?
While it’s a simple payload for now, researchers said Vega has the ability to evolve into something more concerning in the future. Continue reading Vega Stealer Malware Takes Aim at Chrome, Firefox
I need to extract data from inside an Excel fille using Excel 2007 functions.
The concept is somewhat related to stored XSS type of data exfiltration only that I need to use Excel 2007 functions (which I managed to inject i… Continue reading Exfiltrate data by injecting functions in Excel 2007 file rendered with PHP
Considering the scenario when the attacker is able to exfiltrate sensitive data from compromised system to external network or Internet, but there are only limited ways to achieve this because the outbound connection is confi… Continue reading What is good metric for detecting data exfiltration on covert channel?
Considering the scenario when the attacker is able to exfiltrate sensitive data from compromised system to external network or Internet, but there are only limited ways to achieve this because the outbound connection is confi… Continue reading What is good metric for detecting data exfiltration on covert channel?