At a glance.
- Man-in-the-middle phishing attacks are on the rise.
- Almost 180 organizations are still vulnerable to the Go-Anywhere MFT vulnerability.
- CACTUS, a new ransomware leveraging VPNs to infiltrate its target.
- CISA and FBI release a joint report on PaperCut NG/MF vulnerability exploitation.
- More bad bots out there than anyone would like.
- Russia-Ukraine disinformation update.
- Patch news.
- Crime and punishment.
- Courts and torts.
- Policies, procurements, and agency equities.
- Mergers and acquisitions.
- Investments and exits.
Man-in-the-middle phishing attacks are on the rise.
In a report released this week, Researchers at Cofense Intelligence explained that man-in-the-middle (MtM) attacks have increased by 35% between Q1 2022 and Q1 2023. Threat actors are combining MtM attacks with credential phishing with the intention of stealing usernames and passwords and session cookies to bypass multi-factor authentication.95% of the MitM phishing attacks they observed targets Microsoft Office 365 authentication. They also tend to use URL redirection: “89% of campaigns used at least one URL redirect, and 55% used two or more.” These MitM phishing attacks evade standard secure connection processes used in most websites by setting up two secure connections between the attacker and the victim and the attacker and the desired website. The attackers then use a proxy login page to harvest credentials from the victim.