Tag: initial access broker

3 articles

Rows of network equipment and devices on racks in a dimly lit, empty server room.

Credential Attacks Target Fortinet, Sophos, MSSQL Devices in Large-Scale Campaign

A large-scale password spraying and credential theft campaign, dubbed "FortiBleed," is targeting Fortinet devices, with attempts also seen against MSSQL services and Sophos devices, warns Unit 42. This coordinated attack has sparked concerns over widespread credential attacks.

Analyst 207Jun 20, 2026

Person sitting at desk with laptop showing Microsoft Teams, surrounded by office equipment and cityscape through window.

KongTuke Hackers Exploit Microsoft Teams for Rapid Corporate Breaches

KongTuke hackers have found a lightning-fast way to breach corporations, exploiting Microsoft Teams to go from initial contact to persistent foothold in under five minutes. This alarming new tactic is part of KongTuke's evolving social engineering toolkit, complementing its previous web-based attacks.

Analyst 207May 14, 2026

Well-lit IT workstation with computer screens and equipment in a small business network operations area.

Phishing Campaign Exploits Legitimate RMM Tools to Hit 80+ Orgs

A sneaky phishing campaign has infiltrated over 80 organizations, mostly in the US, by exploiting legitimate remote monitoring and management (RMM) tools like SimpleHelp and ScreenConnect. The attackers cleverly used customized versions of these tools, already installed by the victims, to bypass defenses and gain unauthorized access.

Analyst 207May 4, 2026