Advertisement
Top
image credit: Adobe Stock

Hackers Using Device Registration Trick to Attack Enterprises with Lateral Phishing

January 28, 2022

Via: The Hacker News
Category:

Microsoft has disclosed details of a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices on a victim’s network to further propagate spam emails and widen the infection pool.

The tech giant said the attacks manifested through accounts that were not secured using multi-factor authentication (MFA), thereby making it possible for the adversary to take advantage of the target’s bring-your-own-device (BYOD) policy and introduce their own rogue devices using the pilfered credentials.

Read More on The Hacker News

RELATED PUBLICATIONS

Autodesk Drive Abused in Phishing Attacks 
AI set to play key role in future phishing attacks
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage

Latest Publications

Improving cyber defense with open source SIEM and XDR
FBI takes down BreachForums ransomware website and Telegram channel
NHS Digital hints at exploit sightings of Arcserve UDP vulnerabilities
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!