Lucene search
K

11 matches found

Microsoft Secure
Microsoft Secure
added 2026/05/04 3:0 p.m.9 views

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise

In this article 1. Multi-step social engineering campaign leading to credential theft 2. Mitigation and protection guidance 3. Microsoft Defender detections 4. Hunting queries 5. Indicators of compromise Phishing campaigns continue to improve sophistication and refinement in blending social...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/27 12:3 p.m.5 views

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion

Threat actors are using adversary-in-the-middle AitM phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actor...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/27 9:2 a.m.15 views

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI

Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. The attack method, called transparent phishing or adversary-in-the-middle Ai...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/09 3:53 p.m.32 views

Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle AitM phishing and business email compromise BEC attack, Microsoft has revealed. "The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and...

7.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/06/08 4:0 p.m.14 views

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Microsoft Defender Experts uncovered a multi-stage adversary-in-the-middle AiTM phishing and business email compromise BEC attack against banking and financial services organizations. The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/06/08 4:0 p.m.53 views

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Microsoft Defender Experts uncovered a multi-stage adversary-in-the-middle AiTM phishing and business email compromise BEC attack against banking and financial services organizations. The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/03/13 4:0 p.m.16 views

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit

Adversary-in-the-middle AiTM phishing kits are part of an increasing trend that is observed supplanting many other less advanced forms of phishing. AiTM phishing is capable of circumventing multifactor authentication MFA through reverse-proxy functionality. DEV-1101 is an actor tracked by Microso...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/03/13 4:0 p.m.98 views

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit

Adversary-in-the-middle AiTM phishing kits are part of an increasing trend that is observed supplanting many other less advanced forms of phishing. AiTM phishing is capable of circumventing multifactor authentication MFA through reverse-proxy functionality. DEV-1101 is an actor tracked by Microso...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/13 10:26 a.m.50 views

Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations

Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365's authentication process even on accounts secured with multi-factor authentication MFA. "The attackers then used the stolen credentials and session...

6.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/07/12 4:0 p.m.73 views

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

A large-scale phishing campaign that used adversary-in-the-middle AiTM phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication MFA. The attackers then used the stolen credentials and session...

Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/07/12 4:0 p.m.54 views

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

A large-scale phishing campaign that used adversary-in-the-middle AiTM phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication MFA. The attackers then used the stolen credentials and session...

Exploits0
Rows per page
Query Builder