Displaying items by tag: spearphishing
Phishing Campaign Targeting Ukraine uses Fake AntiMalware Update
Ukrainian Security Officials are warning of an active phishing campaign. The campaign involves emails that impersonate government agencies and include links to what appear to be critical security updates. The payload of the campaign delivers Cobalt Strike and a few other things to complete the set and compromise the computer.
noVNC Used by Clever Pentester to get Around MFA During Spearphishing Attack
Most attacks, be they real or from a penetration test, begin with an attempt to compromise a single system, or user. The compromise of a device or user account gives the attacker a small foothold in an environment that they can use to pivot to other areas and begin their complete takeover of the targeted organization. Defenders use many techniques to try to prevent this including complex passwords, complex usernames and, of course multi-factor authentication (MFA). MFA, when done properly, reduces the risk of credential compromise from phishing and spearphshing significantly.