#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

AitM phishing | Breaking Cybersecurity News | The Hacker News

Category — AitM phishing
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

Nov 09, 2023 Endpoint Security / Malware
A new  malvertising campaign  has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in its infrastructure (domain names) and cloaking templates used to avoid detection," Malwarebytes' Jérôme Segura  said . While malvertising campaigns are known to set up replica sites advertising widely-used software, the latest activity marks a deviation in that the website mimics WindowsReport[.]com. The goal is to trick unsuspecting users searching for CPU-Z on search engines like Google by serving malicious ads that, when clicked, redirect them to the fake portal (workspace-app[.]online). At the same time, users who are not the intended victims of the campaign are served an innocuous blog with different articles, a technique known a...
Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

Aug 29, 2023 Online Security / Cyber Threat
Microsoft is warning of an increase in adversary-in-the-middle ( AiTM ) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services like PerSwaysion are incorporating AiTM capabilities. "This development in the PhaaS ecosystem enables attackers to conduct high-volume phishing campaigns that attempt to circumvent MFA protections at scale," the Microsoft Threat Intelligence team  said  in a series of posts on X (formerly Twitter). Phishing kits with AiTM capabilities work in two ways, one of which concerns the use of reverse proxy servers (i.e., the phishing page) to relay traffic to and from the client and legitimate website and stealthily capture user credentials, two-factor authentication codes, and session cookies. A second method involves synchronous relay servers. "In AiTM through synchronous relay s...
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025

The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025

Feb 06, 2025AI Security / Cybersecurity
Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas. With the PAM market projected to reach $42.96 billion by 2037 (according to Research Nester), organizations invest heavily in PAM solutions. Why is PAM climbing the ranks of leadership priorities? While Gartner highlights key reasons such as enhanced security, regulatory compliance readiness, and insurance requirements, the impact of PAM extends across multiple strategic areas. PAM can help organizations enhance their overall operational efficiency and tackle many challenges they face today. To explore more about PAM's transformative impact on businesses, read The Cyber Guardian: PAM's Role in Shaping Leadership Agendas for 2025 by a renowned cybersecurity expert and former Gartner lead analyst Jonathan Care.  What cybersecurity challenges may organizations face in 2025? The cybersecurity landsca...
Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

Jun 09, 2023 Cyber Threat / Financial Security
Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle ( AitM ) phishing and business email compromise (BEC) attack, Microsoft has revealed. "The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and follow-on BEC activity spanning multiple organizations," the tech giant  disclosed  in a Thursday report. Microsoft, which is tracking the cluster under its emerging moniker  Storm-1167 , called out the group's use of indirect proxy to pull off the attack. This enabled the attackers to flexibly tailor the phishing pages to their targets and carry out session cookie theft, underscoring the continued sophistication of AitM attacks. The modus operandi is unlike other AitM campaigns where the decoy pages act as a  reverse proxy  to harvest credentials and time-based one-time passwords (TOTPs) entered by the victims. "The attacker presented targets with a website th...
cyber security

Webinar: 5 Ways New AI Agents Can Automate Identity Attacks | Register Now

websitePush SecurityAI Agents / Identity Security
Learn how CUAs like OpenAI Operator can be used by attackers to automate account takeover and exploitation.
Expert Insights / Articles Videos
Cybersecurity Resources