#AitMPhishing

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

by

August 29, 2024 at 07:48AM Attackers are increasingly using new phishing toolkits, like adversary-in-the-middle (AitM), which lets them bypass traditional prevention controls. AitM phishing uses dedicated tooling to act as a proxy between the target and a legitimate login portal for an application, enabling attackers to steal live sessions. AitM toolkits employ reverse web proxies … Read more

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI

by

May 27, 2024 at 06:06AM Researchers have identified phishing campaigns abusing Cloudflare Workers to serve phishing sites targeting Microsoft, Gmail, Yahoo!, and cPanel Webmail users. The phishing method, called transparent phishing, utilizes Cloudflare Workers as a reverse proxy server. The attacks predominantly target Asia, North America, and Southern Europe, using HTML smuggling to deploy the … Read more