📝 Our latest #TDR report delivers an in-depth analysis of Adversary-in-the-Middle (#AitM) #phishing threats - targeting Microsoft 365 and Google accounts - and their ecosystem.

This report shares actionable intelligence to help analysts detect and investigate AitM phishing.

🔍 Phishing-as-a-Service (#PhaaS) is driving a wave of large-scale, sophisticated attacks against organisations.

In our new blog post, we provide an overview of the key techniques, tactics and social engineering schemes that cybercriminals use in AitM phishing attacks.

🎣 Leveraging our telemetry and proactive hunting, we ranked the most widespread AitM phishing kits - #Tycoon2FA, #Storm1167, #NakedPages, #Sneaky2FA, and more.

Additionally, the article includes summary sheets covering 11 AitM phishing kits.

🕵️ We also highlight multiple detection opportunities for AitM attacks in Microsoft Entra environments.

All technical details are available on our community GitHub: https://buff.ly/v5Y6amN

We hope SOC, CERT and CTI teams find our global analysis of AitM phishing threats both insightful and actionable.

Dive in here ⬇️
https://blog.sekoia.io/global-analysis-of-adversary-in-the-middle-phishing-threats

Global analysis of Adversary-in-the-Middle phishing threats

Explore the 2025 landscape of Adversary-in-the-Middle phishing threats with data, trends, and top detection insights.

Sekoia.io Blog