all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Add to bookmarks
June 8, 2023, 4 p.m. | Microsoft Threat Intelligence

Microsoft Security Blog www.microsoft.com

Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations for financial fraud, and did not use a reverse proxy like typical AiTM attacks.


The post Detecting and mitigating a multi-stage AiTM phishing and BEC campaign appeared first on Microsoft Security Blog.

adversary adversary-in-the-middle aitm aitm phishing attack attacks banking bec bec attacks business business email compromise campaign compromise compromised defender email email compromise experts financial financial fraud financial services fraud microsoft microsoft defender organizations partner phishing proxy reverse reverse proxy services stage supplier targeting vendor

Visit resource

More from www.microsoft.com / Microsoft Security Blog

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 1 week, 2 days ago | www.microsoft.com
blizzard compromise credentials cve +20
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 2 weeks ago | www.microsoft.com
access attack attackers blog +17
How Microsoft discovers and mitigates evolving attacks against AI guardrails 2 weeks, 6 days ago | www.microsoft.com
address attacks blog guardrails +8
Explore Microsoft’s AI innovations at RSA Conference 2024 3 weeks, 6 days ago | www.microsoft.com
ai innovations blog conference event +12
Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview 4 weeks ago | www.microsoft.com
can center comprehensive approach cybersecurity +14
​​Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, … 1 month ago | www.microsoft.com
amp and response center defender +25
Microsoft Copilot for Security: General Availability details 1 month, 1 week ago | www.microsoft.com
amplify april availability copilot +13
Microsoft Copilot for Security is generally available on April 1, 2024, with new capabilities 1 month, 2 weeks ago | www.microsoft.com
april capabilities copilot govern +6
Enhancing protection: Updates on Microsoft’s Secure Future Initiative 1 month, 3 weeks ago | www.microsoft.com
blog customers engineering future +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs