Man-inthe-Middle Attack

-

 Man-inthe-Middle Attack 

In early 2022, Microsoft discovered a phishing campaign targeting Office365 users. The attackers spoofed a phony 365 login page, gathering credentials for later abuse and misuse. To do this, the attackers used a Evilginx2 phishing kit — a man-in-themiddle (MITM) attack framework used for phishing login credentials along with session cookies, allowing bad actors to bypass two-factor authentication — in order to hijack the authentication process. Microsoft added in its blog post, “Note that this is not a vulnerability in MFA; since AiTM phishing steals the session cookie, the attacker gets authenticated to a session on the user’s behalf, regardless of the sign-in method the latter uses.”

What you need to know: The MITM attack, also known as adversary-inthe-middle (AiTM), sets up a proxy server that intercepts the victim’s log-in session, so that the malicious actor can act as a relay between the two parties or systems — thereby gaining access to and/or pilfering sensitive information. This type of attack allows a malicious actor to intercept, send and receive data intended for somebody else — or that’s not meant to be sent at all — without either outside party knowing, until it is too late. 

Comments

Post a Comment

Popular posts from this blog

Data From Information Repositories

-
Data From Information Repositories  The threat group APT28 reportedly compromised Hillary Clinton’s campaign, the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC) during Clinton’s presidential run against Donald Trump. The group has also targeted Eastern European governments, military and security-related organizations, including the North Atlantic Treaty Organization (NATO). The group uses a complex set of tools and strategies, surreptitiously accessing information repositories to control and steal data. APT28 has collected information from Microsoft SharePoint services within target networks. What you need to know: Information repositories are tools that allow for the storage of information — tools like Microsoft SharePoint and Atlassian Confluence. Information repositories typically facilitate collaboration or information sharing between users and they store a wide variety of data that may tempt attackers. Hackers may leverage inform...
Read more

Cybercrime Is Becoming an Increasingly Larger Threat Every Day

-
Image
  Cybercrime Is Becoming an Increasingly Larger Threat Every Day The FBI’s Internet Crime Complaint Center (IC3) releases annual reports on cybercrime. The latest report shows that from 2017–2021, the number of Americans who filed a cybercrime complaint rose by 181%, and total losses increased by 393% during the same period. IC3 Complaint Statistics Source:  https://www.hsdl.org/c/2021-internet-crime-report/ It is not just Americans that are seeing a rise in cybercrime—it’s businesses with global operations too.
Read more

IS your network secure?

-
Image
 IS your network secure? Did you know 1 in 10 business leaders don't know if they've got the right security people and skills in place? Now that's shocking. World Economic Forum - 2023 Global Security Outlook Report The gap between business and security is starting to close thanks to better communication. It's just in time, especially with the cyber landscape getting increasingly more complex. But recruitment and retention is still a major issue. In fact — 64% of cyber leaders ranked talent recruitment and retention as a key challenge for managing cyber resilience.
Read more