Tag: phishing

  • UNC3944 Exploits Azure Serial Console for Complete VM Takeover

    DEFENDEDGE

    A threat group known as UNC3944 (also known as Roasted 0ktapus and Scattered Spider) has been observed hijacking Microsoft Azure admin accounts through phishing and SIM-swapping attacks. The financially motivated group bypasses traditional detection methods within Azure and gains full administrative access to compromised virtual machines (VMs) within victim organizations using Microsoft’s cloud computing service.… Read more

  • New “Greatness” Phishing-as-a-Service Tool Already Active in Phishing Campaigns

    DEFENDEDGE

    A new phishing tool called “Greatness” has been discovered and deployed in various phishing campaigns since mid-2022. Security researchers identified several features commonly found in advanced phishing-as-a-service (PaaS) offerings like multi-factor authentication (MFA) bypass, IP filtering, and integration with Telegram bots. Greatness specifically targets victims through Microsoft 365 phishing pages and provides affiliates with an… Read more

  • Social Engineering

    DEFENDEDGE

    Social Engineering How to Stop Social Engineering, Phishing Attacks, and Identity Theft​ What is social engineering? In a social engineering scenario, the attacker (bad actor) uses human interaction through social media, email, or some other form of communications to obtain targeted information. These bad actors typically claim to be a new employee, repair person, or… Read more