#adversary-in-the-middle

[ follow ]
#dknife #deep-packet-inspection #chinese-speaking-targets #shadowpaddarknimbus #shadowpad #darknimbus #upsec
#dknife
more#dknife
Information security
fromArs Technica
4 months ago

"Payroll Pirate" phishing scam that takes over Workday accounts steals paychecks

Attackers use phishing and adversary-in-the-middle techniques to steal Workday credentials and MFA codes, then change payroll settings to divert direct-deposit payments to their accounts.
Information security
fromThe Hacker News
5 months ago

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

UNC6384 uses captive-portal AitM redirects and a digitally signed STATICPLUGIN downloader to deploy a PlugX (SOGU.SEC) backdoor against diplomats and other targets.
[ Load more ]