#CredentialPhishing

‘LockBit of phishing’ EvilProxy used in more than a million attacks every month

by

July 30, 2024 at 10:37AM EvilProxy, a phishing kit known as the “LockBit of phishing,” is being used to launch attacks using legitimate Cloudflare services to disguise malicious traffic. Criminals are offered customer support, videos, and guides to launch campaigns and disguise their activity. Notable threat actors, TA4903 and TA577, have adopted EvilProxy for their … Read more

China-Sponsored Attackers Target 40K Corporate Users in 90 Days

by

June 27, 2024 at 12:06PM State-sponsored actors have launched three novel credential-phishing campaigns compromising over 40,000 corporate users, including top executives, in just three months. These attacks use highly evasive tactics to circumvent security controls, focusing on stealing credentials from corporate users for cyber-espionage purposes. Security experts stress the need for organizations to adapt and … Read more