all InfoSec news
Phishing With Dynamite
Nov. 7, 2023, 1:50 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Token stealing is getting harder. Instead, stealing whole logged-in browser instances may be an easier and more generic approach. One attack, known as “browser-in-the-middle” (BitM), makes it possible to virtually place a user in front of our browser and request them to log in for us. One of my old work buddies referred to it as “phishing with dynamite” after using it on a few social engineering campaigns.
Cuddlephish is an open-source, point-and-shoot implementation of BitM for penetration testers.
But …
article link nov phishing posts specterops stealing team token topic
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Consultant/Senior Consultant – Categoria Protetta L. 68/99
@ BIP | Italy
SoC Security Architect, Platform Architecture
@ Apple | San Diego, California, United States
Cloud Engineer II- SOC Analyst
@ Insight Enterprises, Inc. | Gurugram Gurgaon HR, IN