all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Add to bookmarks
June 8, 2023, 4 p.m. | Microsoft Threat Intelligence

Microsoft Security Blog www.microsoft.com

Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations for financial fraud, and did not use a reverse proxy like typical AiTM attacks.


The post Detecting and mitigating a multi-stage AiTM phishing and BEC campaign appeared first on Microsoft Security Blog.

adversary adversary-in-the-middle aitm aitm phishing attack attacks banking bec bec attacks business business email compromise campaign compromise compromised defender email email compromise experts financial financial fraud financial services fraud microsoft microsoft defender organizations partner phishing proxy reverse reverse proxy services stage supplier targeting vendor

Visit resource

More from www.microsoft.com / Microsoft Security Blog

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices 2 days, 14 hours ago | www.microsoft.com
attacks critical devices equipment +18
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware 2 weeks, 3 days ago | www.microsoft.com
attacks basta black basta black basta ransomware +19
Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information … 2 weeks, 5 days ago | www.microsoft.com
event event management gartner gartner magic quadrant +6
New capabilities to help you secure your AI transformation 3 weeks, 5 days ago | www.microsoft.com
age applications capabilities defender +14
Security above all else—expanding Microsoft’s Secure Future Initiative 4 weeks, 1 day ago | www.microsoft.com
blog cyberthreat driving future +8
Microsoft introduces passkeys for consumer accounts 4 weeks, 2 days ago | www.microsoft.com
accounts blog consumer microsoft +7
Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR 1 month ago | www.microsoft.com
and response capabilities compass detection +22
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 1 month, 1 week ago | www.microsoft.com
blizzard compromise credentials cve +20
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 1 month, 2 weeks ago | www.microsoft.com
access attack attackers blog +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com