all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

EvilProxy Account Takeover Campaign Targets Key Executives

Add to bookmarks
Aug. 10, 2023, 11:20 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

An escalating threat, named EvilProxy, combines advanced Adversary-in-the-Middle (AitM) phishing with sophisticated Account Takeover (ATO) methods to efficiently nab credentials protected with multi-factor authentication (MFA) and session cookies. 


In the last six months, researchers have observed a significant increase in successful cloud account takeovers that specifically target high-profile executives in prominent firms. The attacks employed EvilProxy, which is a reverse proxy-based phishing tool.


This trend is propelled by the growing adoption of MFA within organizations. Notably, research reveals that a …

account account takeover account takeovers advanced adversary adversary-in-the-middle aitm ato authentication campaign cloud cookies credentials evilproxy executives factor high key mfa multi-factor multi-factor authentication nab phishing profile researchers session takeover takeovers target threat

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Malware Simulators cannot test Antivirus Software 5 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 6 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 8 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 11 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 15 hours ago | malware.news
accounts can consumer cracked +10
Attackers evade detection by leveraging Microsoft Graph API 15 hours ago | malware.news
api article attackers cloud +15
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383 16 hours ago | malware.news
article cisco credit credit monitoring +8
Code faster with generative AI, but beware the risks when you do 16 hours ago | malware.news
article can code coding +13
Proposed Bill Focuses on Voluntary AI Security Incident Reporting 17 hours ago | malware.news
ai security bill companies cybersecurity +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

QA Customer Response Engineer

@ ORBCOMM | Sterling, VA Office, Sterling, VA, US
View on infosec-jobs.com

Enterprise Security Architect

@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site
View on infosec-jobs.com

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

@ Sierra Nevada Corporation | Dayton, OH - OH OD1
View on infosec-jobs.com

Senior Development Security Analyst (REMOTE)

@ Oracle | United States
View on infosec-jobs.com

Software Engineer - Network Security

@ Cloudflare, Inc. | Remote
View on infosec-jobs.com

Software Engineer, Cryptography Services

@ Robinhood | Toronto, ON
View on infosec-jobs.com
View more jobs