Device registration trick adds to phishers’ toolbox for victims without multifactor authentication

Found 119 days ago at Microsoft Press

The first campaign phase involved stealing credentials in target organizations located predominantly in Australia, Singapore, Indonesia, and Thailand. Stolen credentials were then leveraged in the second phase, in which attackers used compromised accounts to expand their foothold within the organization via lateral phishing as well as beyond the network via outbound spam. Connecting an attacker...

Read the article at Microsoft Press

More General News