Google Exposes BlackFile Extortion Operation's Tactics

Google's Threat Intelligence Group just exposed the clever tactics of the notorious BlackFile extortion operation, revealing how they use voice phishing and sneaky tech tricks to swindle dozens of organizations worldwide. Their clever scheme starts with a simple phone call, where fake IT helpers trick victims into spilling their secrets.

https://osintsights.com/google-exposes-blackfile-extortion-operations-tactics?utm_source=mastodon&utm_medium=social

#Adversaryinthemiddle #Vishing #Aitm #Unc6671 #GoogleThreatIntelligenceGroup

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTMtoken compromise - https://www.redpacketsecurity.com/breaking-the-code-multi-stage-code-of-conduct-phishing-campaign-leads-to-aitmtoken-compromise/

#threatintel
#aiTM-phishing
#credential-theft
#phishing-attack
#adversary-in-the-middle
#cybersecurity-awareness

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees - https://www.redpacketsecurity.com/investigating-storm-2755-payroll-pirate-attacks-targeting-canadian-employees/

#threatintel
#payroll-pirate-attacks
#AiTM
#phishing-resistant-MFA
#Workday
#Canada

📰 Sophisticated AiTM Phishing Campaign Targets TikTok for Business Accounts to Bypass MFA

⚠️ Phishing Alert: Sophisticated AiTM campaign targeting TikTok for Business accounts to bypass MFA and steal session cookies. Attackers use Google Storage URLs to evade detection. #Phishing #AiTM #TikTok

🔗 https://cyber.netsecops.io/articles/phishing-campaign-targets-tiktok-for-business-accounts-with-aitm-kits/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale - https://www.redpacketsecurity.com/inside-tycoon2fa-how-a-leading-aitm-phishing-kit-operated-at-scale/

#threatintel
#tycoon2fa
#aitm
#phishing
#mfa
#cybercrime

DKnife – nowy cyberzagrożenie w routerach zmienia zasady bezpieczeństwa sieci

Czy Twój router to tylko nudne pudełko do Wi-Fi? DKnife pokazuje, że to może być idealna budka podsłuchowa – tuż przy drzwiach Twojej sieci.

Czytaj dalej:
https://pressmind.org/dknife-nowy-cyberzagrozenie-w-routerach-zmienia-zasady-bezpieczenstwa-sieci/

#PressMindLabs #aitm #darknimbus #dknife #routery #shadowpad

Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint - https://www.redpacketsecurity.com/resurgence-of-a-multi-stage-aitm-phishing-and-bec-campaign-abusing-sharepoint/

#threatintel
#AiTM phishing
#BEC
#SharePoint abuse
#MFA bypass
#Energy sector security

Phishing actors exploit complex routing and misconfigurations to spoof domains - https://www.redpacketsecurity.com/phishing-actors-exploit-complex-routing-and-misconfigurations-to-spoof-domains/

#threatintel
#phishing
#spoofing
#AiTM
#Tycoon2FA
#email-security

A five-month spearphishing operation discovered by Socket has transformed the npm registry into a durable hosting layer for AiTM credential theft, specifically targeting sales teams in the manufacturing and healthcare industries.

Read More: https://www.security.land/npm-registry-weaponized-in-spearphishing-campaign-against-critical-infrastructure/

#SecurityLand #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev

VoidProxy phishing-as-a-service bypasses MFA & SSO for Microsoft 365/Google accounts. Okta Threat Intelligence reveals sophisticated AitM attacks defeating modern authentication. Enterprise security teams: reassess your defenses NOW.

#SecurityLand #ThreatHorizon #CyberSecurity #PhishingAttack #EnterpriseSecurity #AitM #Phishing #VoidProxy

Read More: https://www.security.land/voidproxy-emerges-as-advanced-phishing-as-a-service-platform-targeting-enterprise-authentication-systems/