Skip to main content

Tag: adversary in the middle

6 articles

Cramped server room with laptop and cables in ordinary indoor lighting.

Evilginx Phishing Ops Expose Microsoft 365 MFA Weaknesses

A French security firm stumbled upon a live Microsoft 365 phishing operation when a simple Python command was left exposed in a readable file, revealing a treasure trove of sensitive data. This lucky discovery shed light on the alarming weaknesses in Microsoft 365's multi-factor authentication.

Analyst 207
Blurred laptop screen with phishing email on a desk in a brightly-lit office setting.

Forg365 Phishing Platform Exploits AI to Target Microsoft 365 Accounts

Meet Forg365, a sneaky new phishing platform that uses AI to make it easy for hackers to target Microsoft 365 accounts and steal sensitive info. This phishing-as-a-service operation offers a range of tools, including AI-generated lures, to help cybercriminals launch convincing attacks.

Analyst 207
Laptop on a table in a brightly-lit public area, suggesting internet access.

Bluekit Phishing Kit Enhances Login Theft with Browser-in-the-Middle Tactics

Bluekit's phishing kit just got a sinister upgrade, now using browser-in-the-middle tactics to steal logins in real-time. This move has led to a massive expansion of its infrastructure, with nearly 70 new hostnames appearing in just one week.

Analyst 207
Person receiving phone call in office setting with blurred phone screen and computer in background.

Google Exposes BlackFile Extortion Operation's Tactics

Google's Threat Intelligence Group just exposed the clever tactics of the notorious BlackFile extortion operation, revealing how they use voice phishing and sneaky tech tricks to swindle dozens of organizations worldwide. Their clever scheme starts with a simple phone call, where fake IT helpers trick victims into spilling their secrets.

Analyst 207
Laptop screen shows Google search results with suspicious ManageWP ad amidst office or home workspace.

Hackers exploit Google ads for ManageWP phishing scam

Beware of a sneaky phishing scam targeting ManageWP users, where hackers use Google ads to trick victims into divulging their login credentials on a fake website that looks identical to the real one. This clever attack can put hundreds of sites at risk, since each ManageWP account typically hosts multiple sites.

Analyst 207
A brightly-lit office workspace with a laptop on a desk, surrounded by ordinary decor and a subtle hint of a phone nearby.

Cybercrime Groups Exploit Vishing, SSO Abuse in SaaS Extortion Spree

Cybercrime groups are launching lightning-fast extortion attacks within trusted SaaS environments, exploiting vishing and SSO abuse to evade detection and strike with precision. By hiding in plain sight, they're creating significant challenges for defenders trying to keep up.

Analyst 207