Threat Group: Scattered Spider Threat Type: Cybercrime Group (Focused on Cloud Environments, Ransomware) Exploited Vulnerabilities: Azure Cross-Tenant Synchronization, Federated Identity Providers, Cloud Platforms Malware Used: AlphV ransomware, Spectre RAT Threat Score: 🔴 High (8.8/10) – Due to its sophisticated exploitation of cloud-based systems, privilege escalation methods, and use of advanced
Threat Group: Unknown Threat Type: Phishing Kit Exploited Vulnerabilities: Session Hijacking, Reverse Proxy Techniques Malware Used: Astaroth Phishing Kit Threat Score: High (8.9/10) – Due to its sophisticated methods of bypassing two-factor authentication (2FA) and real-time credential interception, posing significant risks to user accounts. Last Threat Observation: February 26
Threat Group: FlowerStorm Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: FlowerStorm phishing kit Threat Score: High (8.5/10) – Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: December 20, 2024 Overview The cybersecurity
Threat Group: Storm-1575 Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: Rockstar 2FA phishing kit Threat Score: High (8.5/10) — Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: November 30, 2024 Overview The