Threat Group: FlowerStorm
Threat Type: Phishing-as-a-Service (PhaaS)
Exploited Vulnerabilities: User credentials and session cookies
Malware Used: FlowerStorm phishing kit
Threat Score: High (8.5/10) – Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users.
Last Threat Observation: December 20, 2024
Overview
The cybersecurity
