#adversary-in-the-middle

Information security
from Ars Technica
3 weeks ago

"Payroll Pirate" phishing scam that takes over Workday accounts steals paychecks

Attackers use phishing and adversary-in-the-middle techniques to steal Workday credentials and MFA codes, then change payroll settings to divert direct-deposit payments to their accounts.

Information security
from The Hacker News
2 months ago

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

UNC6384 uses captive-portal AitM redirects and a digitally signed STATICPLUGIN downloader to deploy a PlugX (SOGU.SEC) backdoor against diplomats and other targets.