#SaaSAttacks

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

by

August 29, 2024 at 07:48AM Attackers are increasingly using new phishing toolkits, like adversary-in-the-middle (AitM), which lets them bypass traditional prevention controls. AitM phishing uses dedicated tooling to act as a proxy between the target and a legitimate login portal for an application, enabling attackers to steal live sessions. AitM toolkits employ reverse web proxies … Read more

Notorious cyber gang UNC3944 attacks vSphere and Azure to run VMs inside victims’ infrastructure

by

June 17, 2024 at 02:42AM The notorious cyber gang UNC3944, implicated in recent attacks on Snowflake and MGM Entertainment, is now targeting SaaS applications. They have shifted to primarily focusing on data theft extortion without using ransomware and employ social engineering tactics to compromise high-privilege accounts. UNC3944 has expanded its targets to include various SaaS … Read more