Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service

Hackers use FastHTTP in new high-speed Microsoft 365 password attacks

bleepingcomputer.com - 14/Jan 15:57

Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. [...]

Russian Threat Actor “Star Blizzard” Exploit WhatsApp Accounts Using QR Codes

itsecuritynews.info - 17/Jan 03:34

Microsoft Threat Intelligence has identified a concerning strategic shift by the notorious Russian threat actor group “Star Blizzard.” Known for...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

itsecuritynews.info - 13:34

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers to launch increasingly...

Russia-linked APT Star Blizzard targets WhatsApp accounts

securityaffairs.co - 17/Jan 06:22

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024,...

A novel PayPal phishing campaign hijacks accounts

securityaffairs.co - 11/Jan 09:04

Fortinet warns of a phishing campaign using legitimate links to hijack PayPal accounts, tricking users into granting unauthorized access. Fortinet...

New scam targets businesses on social media

it-online.co.za - 13/Jan 09:31

Kaspersky experts have uncovered a new phishing scam targeting businesses that promote their pages on Facebook. Scammers send emails allegedly on...

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

securityaffairs.co - 14/Jan 12:20

Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with management interfaces exposed online. Arctic Wolf...