Threat actors leverage HTTP client tools for Account Takeover (ATO) attacks
Malware Developments
Threat actors leverage HTTP client tools for Account Takeover (ATO) attacks
Attackers are increasingly leveraging HTTP client tools to execute account takeover (ATO) attacks, particularly targeting cloud environments like Microsoft 365. These tools, originally designed for legitimate HTTP request handling, are now being exploited for brute force attacks, adversary-in-the-middle (AitM) techniques, and credential theft.
ESXi ransomware campaigns exploit SSH tunneling
Researchers have identified that cybercriminals behind ESXi ransomware campaigns are specifically targeting virtualized environments by utilizing SSH tunneling to bypass security defenses. These attackers adopt ‘living-off-the-land’ techniques, leveraging native utilities such as SSH to create a SOCKS tunnel between their C2 servers and the compromised system.
Identified Trends
Google Gemini Exploited for Enhanced Cyber Attacks
Government-backed hackers and cybercriminals worldwide are increasingly using Google's Gemini AI to enhance their cyber-espionage and criminal activities. Instead of inventing new methods, these adversaries employ AI to improve and hasten their established techniques.
Gain deeper Cyber Threat Intelligence (CTI) insights!
CyberProof’s CTI service offers comprehensive threat intelligence coverage, ensuring that your organization stays ahead of active threats that pose the greatest risk to your assets.
Our advanced CTI team investigates the threat landscape, providing you with detailed reports, related Indicators of Compromise (IOCs), technical recommendations, and MITRE ATT&CK mapping.