• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

“Greatness” Phishing Tool Exploits Microsoft 365 Credentials

You are here: Home / General Cyber Security News / “Greatness” Phishing Tool Exploits Microsoft 365 Credentials
May 11, 2023

A new phishing-as-a-assistance (PaaS) tool named “Greatness” has been deployed as part of a number of phishing strategies considering that at minimum mid-2022.

The results occur from security scientists at Cisco Talos, who explained them in an advisory revealed on Wednesday.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“Greatness incorporates options observed in some of the most superior PaaS choices, these types of as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram bots,” wrote researcher Tiago Pereira.

Primarily based on the company’s investigation, Greatness is solely focusing on victims by means of Microsoft 365 phishing web pages. The business provides its affiliate marketers an attachment and url builder to build reliable-hunting decoy and login web pages.

Study extra on identical attacks: Microsoft 365 Applications Continue on to be the Most Exploited Cloud Companies

“It contains attributes these types of as acquiring the victim’s email handle pre-filled and displaying their ideal business symbol and history graphic, extracted from the focus on organization’s serious Microsoft 365 login site,” Pereira stated.

“This will make Greatness notably nicely-suited for phishing company people.”

Soon after examining the domains focused in different strategies, Cisco Talos uncovered that the victims were being mainly corporations positioned in the US, UK, Australia, South Africa and Canada. 

Production, health and fitness care and technology have been the sectors most generally specific. Even so, Pereira clarified the distribution of victims varied marginally in between strategies in phrases of nation and sector.

“To use Greatness, affiliates should deploy and configure a supplied phishing kit with an API vital that will allow even unskilled risk actors to conveniently get edge of the service’s additional state-of-the-art attributes,” reads the advisory.

“The phishing package and API do the job as a proxy to the Microsoft 365 authentication procedure, doing a ‘man-in-the-middle’ attack and stealing the victim’s authentication qualifications or cookies.”

The Indicators of Compromise (IOC) for the investigate executed by Cisco Talos are available on their GitHub repository.

The results arrive a couple of months after Kaspersky security scientists uncovered a new variety of phishing attack that used respectable servers from Microsoft’s collaboration system, SharePoint.


Some components of this short article are sourced from:
www.infosecurity-journal.com

Previous Post: «new apt group red stinger targets military and critical infrastructure New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
Next Post: Ransomware Attacks Adapt With New Techniques: Kaspersky Report Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
  • Top 10 Best Practices for Effective Data Protection
  • Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
  • Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
  • [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications
  • Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
  • Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
  • Pen Testing for Compliance Only? It’s Time to Change Your Approach
  • 5 BCDR Essentials for Effective Ransomware Defense
  • Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Copyright © TheCyberSecurity.News, All Rights Reserved.