all InfoSec news
Browser-in-the-Browser (BitB) Attack Takes Advantage of Single-Sign-On Trust
Sept. 27, 2023, 1:10 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
<div>
<div>
<div>
<div>
<div>
<p>Found in environments protected by: Microsoft EOP </p><p>By Elmer Hernandez, Cofense Phishing Defense Center </p><p>The Phishing Defence Center (PDC) has observed malicious html attachments intended to carry out Browser-in-the-Browser (BitB) attacks.</p><h2>What are BitB Attacks?</h2><p>BitB attacks can deceive users by displaying what appears to be a legitimate separate pop-up login window. This window contains a spoofed URL bar with an identical-looking domain name from a trusted authentication provider. BitB attacks can be effective because they abuse modern Single-Sign-On …
article attack attacks auth bitb browser browser-in-the-browser cofense compromise indicators of compromise link mail php sign single sso target topic trust url
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC
@ SAP | Dublin 24, IE, D24WA02
Product Security Response Engineer
@ Intel | CRI - Belen, Heredia
Application Security Architect
@ Uni Systems | Brussels, Brussels, Belgium
Sr Product Security Engineer
@ ServiceNow | Hyderabad, India
Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)
@ FiscalNote | United Kingdom (UK)