MFA - Cybersec Sentinel

MFA

A collection of 4 posts

Scattered Spider Shifts to Aviation, Retail, and Transport in Latest Campaigns

Scattered Spider Shifts to Aviation, Retail, and Transport in Latest Campaigns

Threat Group: Scattered Spider Threat Type: Cybercrime Group (Focused on Cloud Environments, Ransomware) Exploited Vulnerabilities: Azure Cross-Tenant Synchronization, Federated Identity Providers, Cloud Platforms Malware Used: AlphV ransomware, Spectre RAT Threat Score: 🔴 High (8.8/10) – Due to its sophisticated exploitation of cloud-based systems, privilege escalation methods, and use of advanced

Astaroth Phishing Kit Exploits 2FA Weaknesses in Gmail and O365

Astaroth Phishing Kit Exploits 2FA Weaknesses in Gmail and O365

Threat Group: Unknown Threat Type: Phishing Kit Exploited Vulnerabilities: Session Hijacking, Reverse Proxy Techniques Malware Used: Astaroth Phishing Kit Threat Score: High (8.9/10) – Due to its sophisticated methods of bypassing two-factor authentication (2FA) and real-time credential interception, posing significant risks to user accounts. Last Threat Observation: February 26

FlowerStorm Phishing Service Gains Traction After Rockstar2FA Shutdown

FlowerStorm Phishing Service Gains Traction After Rockstar2FA Shutdown

Threat Group: FlowerStorm Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: FlowerStorm phishing kit Threat Score: High (8.5/10) – Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: December 20, 2024 Overview The cybersecurity

Rockstar 2FA Phishing Kit Empowers Hackers to Bypass MFA Defenses

Rockstar 2FA Phishing Kit Empowers Hackers to Bypass MFA Defenses

Threat Group: Storm-1575 Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: Rockstar 2FA phishing kit Threat Score: High (8.5/10) — Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: November 30, 2024 Overview The