Security firm strikes telemetry jackpot as cybercrim self-monitors

Security vendor Huntress got more than just a trial customer when an active cybercriminal clicked on an Internet ad for its endpoint protection agent and installed the software. As the agent monitored the threat actor’s computer, Huntress’ security operations centre (SOC) was able to learn a great deal of unique information about the person, their […]

“VoidProxy” PhishKit targets Google and Microsoft users

Okta’s Threat Intelligence security researchers have discovered and analysed what they say is an advanced multi-factor authentication (MFA) bypassing phishing platform, and which lowers the technical barriers for entry. Admin login page for VoidProxy VoidProxy Targeting Microsoft and Google accounts, the phishing-as-a-service (PhaaS) platform, named VoidProxy, can circumvent MFA methods such as short messaging service […]