Security researchers discovered a new strain of a large-scale phishing campaign that uses adversary-in-the-middle (AiTM) techniques along with several evasion tactics. Similar AiTM phishing techniques were used in another phishing campaign recently described by Microsoft.
REFERENCES: https://www.zscaler.com/blogs/security-research/large-scale-aitm-attack-targeting-enterprise-users-microsoft-email-services https://github.com/threatlabz/iocs/blob/main/aitm_phishing/iocs.txt
INDUSTRIES: Finance, Manufacturing, Energy
TARGETED COUNTRIES: United Kingdom of Great Britain and Northern Ireland, United States of America, Australia, New Zealand
ATT&CK IDS: T1090 - Proxy, T1140 - Deobfuscate/Decode Files or Information, T1553 - Subvert Trust Controls, T1555 - Credentials from Password Stores, T1566 - Phishing, T1574 - Hijack Execution Flow, T1189 - Drive-by Compromise