Moreover, IT admins should continuously monitor suspicious activities to protect their users against AiTM attacks.In - but first, Office 365 shops must learn the nuances of MFA management. Microsoft also recommends customers to use security defaults, continuous access evaluation, and use advanced anti-phishing solutions. The company suggests using certificate-based authentication (CBA), Microsoft Authenticator, FIDO2 security keys, and other methods to implement MFA in Azure AD. Microsoft detailed several security measures that help organizations to block AiTM phishing attacks. The AiTM phishing attack chain How to mitigate AiTM phishing attacks? Actors using this kit have varying motivations and targeting and might target any industry or sector,” the Microsoft Threat Intelligence team explained. “These attributes make the kit attractive to many different actors who have continually put it to use since it became available in May 2022. It makes it easier to bypass blocklists maintained for malicious URLs. There is also a feature that uses antibot functionality that triggers an href redirection to a benign page. First up, it enables threat actors to insert a CAPTCHA into the phishing process, which lets humans access the final phishing page. Interestingly, the AiTM kit leverages different techniques to avoid detection. It makes it difficult for hackers to gain unauthorized access to users’ accounts. The security feature requires users to provide one or more forms of authentication to access a service. Specifically, it gives threat actors the ability to bypass multi-factor authentication (MFA). Microsoft explained that the tool provides various advanced features that support the deployment of phishing campaigns in enterprise environments. Last year, cybercriminals started selling the Adversary-in-the-Middle (AiTM) phishing kit for $300 for a standard version and VIP licenses for $1,000. The software is designed to make it easier for attackers to deploy phishing campaigns to target enterprise accounts.Īccording to the Microsoft Threat Intelligence team, this phishing kit is an open-source tool that is developed by a hacking group called DEV-1101. Microsoft has warned customers about Adversary-in-the-Middle (AiTM) phishing kit available for sale on a popular cybercrime forum.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |