credential theft

  1. ChatGPT

    NTLM Security Risks & How to Protect Your Windows Network in 2023

    Once upon a time in the bustling land of corporate IT, passwords roamed freely through Windows networks, blissfully unaware that NTLM—the venerable but rather creaky gatekeeper of authentication—was about to get a rude awakening courtesy of modern cybercriminals. The NTLM Elephant in the Room...
  2. ChatGPT

    How a 'Low Risk' Windows Bug Turned into a Global Cyber Pandemic in Days

    When Microsoft stamped its latest security vulnerability as low risk, they probably didn’t expect hackers to treat it like Black Friday at a bug bazaar. Turning "Low Risk" into Worldwide Mayhem: The Unlikely Rise of CVE-2025-24054. On March 11—just another Patch Tuesday in corporate IT...
  3. ChatGPT

    RemoteMonologue: A Fileless Red Team Technique Exploiting DCOM and NTLM

    Red teams have a new trick up their sleeve. In an era when Microsoft fortifies credential theft defenses and Endpoint Detection and Response (EDR) systems evolve at breakneck speed, attackers are shifting away from classic payload-based methods. Enter RemoteMonologue—a highly innovative...
  4. ChatGPT

    Critical Windows Zero-Day Vulnerability: NTLM Credential Theft Exposed

    New Windows Zero-Day Vulnerability: NTLM Credential Theft on the Horizon. A newly discovered zero-day vulnerability is sending shockwaves through the Windows community, potentially allowing remote attackers to steal NTLM authentication credentials without requiring any user interaction beyond...
  5. ChatGPT

    The ClickFix Attack: How Cybercriminals Exploit OAuth in Microsoft 365

    In today's rapidly evolving cybersecurity landscape, Microsoft 365 environments are facing a new breed of sophisticated attacks that exploit one of the most trusted authentication methods—OAuth. Recent investigations have revealed that threat actors are leveraging fake OAuth applications...
  6. ChatGPT

    Protecting Microsoft 365 from OAuth Phishing Attacks: Key Insights and Strategies

    Windows users and IT professionals need to take extra caution as attackers continuously refine their phishing playbook. Recent reports reveal that sophisticated adversaries are leveraging vulnerabilities in OAuth 2.0 redirection flows to target Microsoft 365 environments. In these OAuth-themed...
  7. ChatGPT

    Critical IBM ACS Vulnerability Threatens Windows 11 User Security

    Let’s dive into a cybersecurity issue that should have every Windows 11 user and enterprise administrator on high alert. Researchers have recently uncovered a sinister exploitation of IBM i Access Client Solutions (ACS), an essential tool for managing IBM i systems, which attackers have cleverly...
  8. ChatGPT

    Unmasking Sneaky Log: The Next-Gen Phishing Kit Targeting Microsoft 365

    Cybersecurity experts and enthusiasts, take a seat—this one’s a ride into the cutting-edge of cybercrime. A newly identified Adversary-in-the-Middle (AiTM) phishing kit dubbed “Sneaky Log” has been making waves in the underground cybercrime market. This innovative kit is specifically targeting...
  9. ChatGPT

    Microsoft Azure OpenAI Breach: Cybercriminals Exploit AI Services

    Technology sure is a double-edged sword—a phrase perfectly illustrated by recent reports that hackers have misused Microsoft’s Azure OpenAI services. This isn’t your typical ransomware or phishing attack; this is a direct exploitation of some of the most advanced generative AI tools on Earth. If...
  10. ChatGPT

    Microsoft Azure OpenAI Breach: Hackers Exploit Generative AI for Malicious Intent

    In a chilling revelation by Microsoft, hackers breached its Azure OpenAI services, bypassing safeguards to weaponize its generative AI tools for creating "harmful and offensive content". Azure OpenAI, designed to integrate OpenAI’s transformative AI technologies like ChatGPT and DALL-E into...
  11. ChatGPT

    Phishing Attack Targets Microsoft Azure: How to Secure Your Environment

    In a chilling demonstration of how well-coordinated phishing campaigns can wreak havoc, attackers recently targeted corporate Microsoft Azure environments by wielding malicious DocuSign PDF files. These attacks, according to Palo Alto Networks' Unit 42, aimed at infiltrating European automotive...
  12. ChatGPT

    Protecting Yourself from HubSpot Abuse in Phishing Attacks

    The Hidden Threat Lurking in Legitimate Platforms. A phishing campaign with a particularly devious strategy has emerged, targeting Microsoft's Azure account users through an exploitation of HubSpot, a popular customer relationship management (CRM) platform. This campaign focuses on industries...
  13. ChatGPT

    HubPhish: Advanced Phishing Tactics Targeting Microsoft Azure Users

    When we think of phishing, we traditionally imagine poorly executed emails riddled with typos that even the most casual observer could spot as fraudulent. But let’s be crystal clear: phishing isn’t what it used to be. Welcome to "HubPhish," an advanced phishing initiative targeting 20,000...
  14. ChatGPT

    Operation Digital Eye: Analyzing Chinese State-Backed Cyber Espionage Tactics

    In the ever-evolving landscape of cybersecurity, a recent report sheds light on a sophisticated cyber-espionage campaign orchestrated by suspected Chinese state-backed hackers. Dubbed Operation Digital Eye, this malicious campaign employed an array of advanced tactics, leveraging tools such as...
  15. ChatGPT

    New AiTM Cyberattacks Target Microsoft 365 Users: What You Need to Know

    In a grim reminder of cybersecurity's ever-evolving landscape, researchers have uncovered a new and sophisticated adversary-in-the-middle (AiTM) cyberattack targeting Microsoft 365 credentials. This campaign is powered by the upgraded Rockstar 2FA, a phishing-as-a-service (PhaaS) platform that...
  16. ChatGPT

    Rockstar 2FA: The New Phishing Threat Targeting Microsoft 365 Users

    Cybersecurity experts worldwide are buzzing about a new and daunting threat: the “Rockstar 2FA” phishing kit. This tool has been making waves as it exploits adversary-in-the-middle (AiTM) techniques to harvest credentials from Microsoft 365 users despite their use of multifactor authentication...
  17. ChatGPT

    Windows 11 Administrator Protection: Enhanced Security Against Cyber Threats

    In an ever-evolving landscape of cybersecurity threats, Microsoft has taken a formidable step with its latest feature, Administrator Protection, in Windows 11. This innovative approach is designed to tackle the rising trend of credential theft and bolster administrative security. But how exactly...
  18. ChatGPT

    OilRig Hackers Target Microsoft Exchange: A Deep Dive into Espionage Tactics

    In a dramatic escalation of cyber espionage tactics, the OilRig hacking group—known by various aliases such as Earth Simnavaz and APT34—has recently turned its focus to Microsoft Exchange servers, leveraging vulnerabilities to pilfer sensitive login credentials. This troubling development aligns...
  19. News

    AA21-076A: TrickBot Malware

    Original release date: March 17, 2021. Summary: This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency...
  20. News

    AA20-266A: LokiBot Malware

    Original release date: September 22, 2020. Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and...