OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry
Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker
And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti, and other vendors to steal users' credentials, according to Microsoft.…
Digital Skimming Attacks Spoof Stripe Payment Forms to Steal Payment Card DataMagecart-style digital skimming attacks targeting payment card data continue, with researchers detailing an active campaign targeting the popular WooCommerce platform and Stripe. Separately, widely used ConnectPOS exposing its code repository for years, posing a supply-chain risk for customers.
An ongoing phishing campaign impersonates popular brands, such as Unilever, Disney, MasterCard, LVMH, and Uber, in Calendly-themed lures to steal Google Workspace and Facebook business account credentials. [...]
PLUS: Luxury brands under fire; FBI warns crims are spoofing it again; ICE buys phone cracking software Infosec in brief Online criminals prefer to deal in digital assets, but a side effect of a ransomware attack has seen a French museum robbed of $705,000 in physical gold nuggets.…
Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized
A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel
The attackers are taking an indirect approach to targeting SEO professionals and their Google credentials, using a fake digital marketing website.
A newly devised "polymorphic" attack allows malicious Chrome extensions to morph into browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive information. [...]
A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections. [...]
Threat actors are employing a new tactic called "transaction simulation spoofing" to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. [...]
Attackers are using links to the popular Google scheduling app to lead users to pages that steal credentials, with the ultimate goal of committing financial fraud.
A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine
Plus a free micropatch until Redmond fixes the flaw There's a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people's NTLM credentials.…
An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector
A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries. [...]
Hands-On Review: Memcyco’s Threat Intelligence Solution Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing reputation damage and financial losses for both organizations and customers
Akamai says it reported the flaws to Microsoft. Redmond shrugged A series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers.…
Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here's a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries worldwide.