HP Wolf Security just released its September Threat Insights Report highlighting how attackers are modifying and improving old techniques to bypass detection and fool users.
By chaining living-off-the-land (LOTL) tools, using advanced visual deception to boost phishing success, and hiding malware in less obvious file types, like images, attackers are sharpening their edge.
Notable campaigns highlighted in the report include:
- Fake Adobe Reader invoices – ultra-realistic upload screens (see image below) – including a fake loading bar – used to hide a reverse shell inside a small SVG image, giving attackers remote access to user devices.
- Malware Hidden in Image Pixels – malicious code embedded in pixel data of Microsoft Compiled HTML Help files, with PowerShell and CMD used to execute and then delete evidence.
- Resurgent Lumma Stealer – spreading through IMG archive attachments, using LOTL and image-based delivery to bypass filters despite a law-enforcement crackdown earlier this year.
The report is here and there is a blog post as well for your reading pleasure.
This entry was posted on September 12, 2025 at 11:20 am and is filed under Commentary with tags HP. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
HP Uncovers Ultra-Realistic Adobe Invoice and Chained Living Off The Land Technique Scam