top of page
Search
Writer's pictureStormsec

Large-Scale AiTM Attack targeting enterprise users of Microsoft email services

Security researchers discovered a new strain of a large-scale phishing campaign, which uses adversary-in-the-middle (AiTM) techniques along with several evasion tactics. Similar AiTM phishing techniques were used in another phishing campaign described by Microsoft recently.


REFERENCES: https://www.zscaler.com/blogs/security-research/large-scale-aitm-attack-targeting-enterprise-users-microsoft-email-services https://github.com/threatlabz/iocs/blob/main/aitm_phishing/iocs.txt





ATT&CK IDS: T1090 - Proxy, T1140 - Deobfuscate/Decode Files or Information, T1553 - Subvert Trust Controls, T1555 - Credentials from Password Stores, T1566 - Phishing, T1574 - Hijack Execution Flow, T1189 - Drive-by Compromise


Read More:

0 views

Comments


Commenting has been turned off.
bottom of page