Credential-Theft

Analysis of the infostealer logs economy in 2026, covering credential harvesting, underground markets, and how stolen data fuels cybercrime operations.

A Man-in-the-Middle (MitM) attack occurs when an attacker intercepts, monitors, or alters communication between two parties without their knowledge. This SECMONS glossary entry explains how MitM attacks work, common techniques, real-world impact, and how defenders should mitigate interception risks.

Phishing is a social engineering technique where attackers impersonate trusted entities to steal credentials, deliver malware, or gain initial access. This SECMONS glossary entry explains phishing variants, operational impact, and defensive controls.

Analysis of infostealer malware activity in 2026, including delivery methods, data theft patterns, and how attackers monetize stolen information.

Investigative analysis of the Snowflake 2024 breach campaign involving credential theft and data exfiltration affecting multiple organizations using the cloud data platform.

Technical analysis of CVE-2023-23397, a critical Microsoft Outlook vulnerability that allows attackers to capture NTLM credentials through specially crafted email messages.

Deep analysis of how phishing has evolved into advanced identity-driven attack techniques, including token theft, MFA bypass, and targeted social engineering campaigns.

Technical analysis of Lumma Stealer, a modern infostealer malware used to harvest browser credentials, authentication tokens, and cryptocurrency wallet data from infected systems.

Identity Threat Detection and Response (ITDR) is a cybersecurity discipline focused on detecting, investigating, and responding to identity-based attacks such as credential abuse, privilege escalation, and account compromise.

Technical analysis of RedLine Stealer, a widely distributed information-stealing malware used to harvest credentials, browser data, and cryptocurrency wallets from infected systems.

Technical analysis of Raccoon Stealer, an information-stealing malware widely used in cybercrime campaigns to harvest credentials, browser data, and cryptocurrency wallet information.

Technical analysis of DarkGate malware, a modular malware platform used to deliver additional payloads, perform credential theft, and maintain remote access to compromised systems.

Technical analysis of Vidar Stealer, a widely used information-stealing malware designed to harvest credentials, browser data, and cryptocurrency wallet information from infected systems.

Technical analysis of FormBook malware, a widely distributed credential-stealing trojan used in phishing campaigns to harvest credentials, browser data, and system information.

Investigative analysis of the Yahoo 2013 breach, the largest known account compromise in internet history, examining how attackers obtained data belonging to roughly three billion users.

Infostealer malware is a category of malicious software designed to harvest sensitive information such as credentials, browser data, financial records, and authentication tokens from compromised systems.

Technical explanation of credential harvesting, an attack technique used by threat actors to steal authentication credentials and gain unauthorized access to systems and networks.

Technical explanation of spyware malware, its behavior, infection vectors, surveillance capabilities, and the security risks associated with covert data collection.

Technical explanation of credential dumping, an attack technique used by threat actors to extract stored authentication credentials from compromised systems in order to escalate privileges and move laterally within enterprise networks.