Online Threat | Breaking Cybersecurity News | The Hacker News

Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MFA, EDR, and email content filtering. In this article, we're going to look at what AitM phishing is, how it works, and what organizations need to be able to detect and block these attacks effectively. What is AitM phishing? AitM phishing is a technique that uses dedicated tooling to act as a proxy between the target and a legitimate login portal for an application.  As it's a proxy to the real application, the page will appear exactly as the user expects, because they are logging into the legitimate site – just taking a detour via the attacker's device. For example, if accessing their webmail, the user will see all their real emails; if accessing their cloud file store then all the...

As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. That's according to research from Imperva, a Thales company. In their 2024 Bad Bot Report , Imperva finds that bad bots accounted for 44.5% of the industry's web traffic in 2023—a significant jump from 37.4% in 2022.  The summer travel season and major European sporting events are expected to drive increased consumer demand for flights, accommodation, and other travel-related services. As a result, Imperva warns that the industry could see a surge in bot activity. These bots target the industry through unauthorized scraping, seat spinning, account takeover, and fraud. From Scraping to Fraud Bots are software applications that run automated tasks across the internet. Many of these tasks, from indexing websites for search engines to monitoring website performance, are legitimate, but a growing number are not...

When you see a post on a Facebook friend's wall that seems out of character, don't be too quick to click. Posts labeled "Pictures of girls in bikinis" or "All boys can stare at it but girls cannot" might be clickjacking attacks. These attacks typically don't carry malicious payloads, but they can certainly annoy any friends who fall for them. Here's how to avoid that scenario. Usually, the post itself uses a short, provocative phrase to spark your curiosity. If you fall for the attack currently making the rounds, you'll see a warning that the content might be inappropriate and a request to confirm that you're 18 or older. Once you click the button to confirm your age, you'll encounter another embedded dialog box. This one claims a need to verify that you're human, supposedly to avoid spam bots that are "putting an extra load on our servers." The box requests that you click numbered buttons in a specific order. Clicking th...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...