Subscribe Us

How a Team of Hackers left Stolen Phishing Credentials up for Grabs

admin November 03, 2021
Open TLDR

In August, attackers initiated a phishing campaign with emails that masqueraded as Xerox scan notifications, prompting users to open a malicious HTML attachment. While this infection chain may sound simple, it successfully bypassed Microsoft Office 365 Advanced Threat Protection (ATP) filtering and stole over a thousand corporate employees’ credentials. The attackers behind the campaign exposed the credentials they had stolen to the public Internet, across dozens of drop-zone servers used by the attackers. With a simple Google search, anyone could have found the password to one of the compromised email addresses: a gift to every opportunistic attacker.

image
Check Point Software Hacker Noon profile picture

@checkpointCheck Point Software

Welcome to the Future of Cyber Security. Providing solutions across all vectors to prevent 5th generation cyber attacks.

Check Point Software Hacker Noon profile picture
by Check Point Software @checkpoint. Welcome to the Future of Cyber Security. Providing solutions across all vectors to prevent 5th generation cyber attacks.Visit us
Check Point

Automate Security Across All Your Cloud Environments

Related Stories

Subject Matter
What Vulnerabilities FreakOut Takes Advantage of for Creating a Botnet by @checkpoint
#checkpoint
For a World That Won’t Wait: AMP by @webwalkerrz
#accelerated-mobile-pages
Avoid Stranger Danger: Review the new CISA Cybersecurity Guides by @z3nch4n
#best-practices
Redefining Trust: Smart Escrow Contracts by @api3
#crypto
What is URL Masking and How Does It Work? by @kalilinux
#cybersecurity

Tags

#checkpoint#phishing#cybersecurity#cybercrime#cyber-attack#phishing-attacks#wordpress-cyber-attack#good-company
Join Hacker Noon

Create your free account to unlock your custom reading experience.



How a Team of Hackers left Stolen Phishing Credentials up for Grabs
Source: Trends Pinoy
Tags

Post a Comment

0 Comments