Several high-volume phishing campaigns involving millions of emails have been conducted with the use of an open-source adversary-in-the-middle phishing kit developed by the DEV-1101 threat operation, The Hacker News reports.
Microsoft Threat Intelligence researchers discovered that since its emergence last May, the open-source phishing kit with the capability to establish Microsoft Office and Outlook impersonating pages, allow mobile campaign management, and permit CAPTCHA checks, has been updated to enable the use of a Telegram bot for server management.
Phishing emails delivered using the kit contain a PDF document link that redirects to a Microsoft sign-in portal-spoofing website and lures victims into completing CAPTCHA verification.
"Inserting a CAPTCHA page into the phishing sequence could make it more difficult for automated systems to reach the final phishing page, while a human could easily click through to the next page," said Microsoft, which urged the use of FIDO2 security keys and other phishing-resistant authentication to curb attacks.
Malware-free intrusions have become the leading cybersecurity threat against small- to medium-sized businesses, accounting for 56% of all cyber incidents during the third quarter, SiliconAngle reports.
Four high-severity Microsoft Exchange flaws reported by Trend Micro's Zero Day Initiative were noted by Microsoft to have been addressed or not need immediate servicing as required authentication would significantly reduce their odds of being exploited, SecurityWeek reports.
Email security: The current threat landscape, the latest tools/techniques
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news