From SANS newsBites v16n93; relevant (perhaps) to recent discussions.
--Citadel Trojan Now Targeting Password Managers (November 19 & 20, 2014) The Citadel Trojan, which in the past has been used to steal bank account access credentials and was used in targeted attacks against Middle Eastern petro-chemical companies, has recently been used in attacks against password managers. The newest version of Citadel now targets the master passwords for the three most widely used password management systems. http://www.darkreading.com/operations/identity-and-access-management/new-cit... http://arstechnica.com/security/2014/11/citadel-attackers-aim-to-steal-victi... [Editor's Note (Honan0: If you have not done so already its time to turn on the two factor authentication features on your account that many of these password managers offer.]