Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every day, threat actors devise new plans for breaking into secure systems. The steps they take, from researching a target to carrying out the attack, are known as the cyber kill chain. Traditionally, that kill chain has targeted devices and networks that lie completely within your organization’s control. For better or worse, mobile and cloud-based work have upended that dynamic.

The latest data on brand phishing trends shows one brand dominating quarter over quarter, but also continuing to take on a larger share of the brand impersonation. Take a guess which brand tops the list as the most impersonated in phishing attacks? If you guessed Microsoft, you’d be right. You’d also have been right last quarter, and the quarter before that – according to Check Point Research.

Welcome to the second part of our investigation into the Rockstar kit, please check out part one here. This blog tackles real-world Rockstar 2FA email examples incorporating noteworthy techniques.

We are excited to see the Cybersecurity Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA). The majority of people, including the majority of cybersecurity practitioners, do not know that most MFA…especially the most popular types used today (e.g., one-time passwords, pushed-based, SMS-based, etc.), can be as easily phished or bypassed as the passwords they were intended to replace.

Analysis of a new phishing attack highlight just how easy it can be to spot these kinds of attacks if recipients were properly educated. Action Fraud, the U.K.’s national fraud & cyber reporting center, recently warned U.K. residents of a scam impersonating Starbucks.

Trustwave SpiderLabs has been actively monitoring the rise of Phishing-as-a-Service (PaaS) platforms, which are increasingly popular among threat actors. In our previous blog, we explored the appeal of these platforms and discussed various major phishing kits today. In this two-part blog, we'll focus on a phishing kit named ‘Rockstar 2FA’ that is linked to widespread adversary-in-the-middle (AiTM) phishing attacks.

We probably do not need to cover this, but we’ll provide a quick overview – M365 has a host of advantages, including scalability and convenience. Because the platform is cloud-based, businesses can effortlessly access their data and applications and shift to fully remote or hybrid working models without the common challenges of such a transition.

Every year, more and more companies are confronted with website and email spoofing worldwide. Cyber criminals use fake websites and fake email accounts for phishing, spear phishing and social engineering attacks to commit fraud, redirect web traffic, or manipulate search engine rankings. The disarming, or takedown, of these fake domains is a real challenge for more and more security teams. This is because cyber criminals are becoming increasingly professional in their spoofing activities.