ALL POSTS

Key Findings: Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. Starkiller is advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting customers access to a dashboard to impersonate brands or enter a brand's real URL. The platform lets users choose custom keywords and integrates URL shorteners to obscure the destin

Key Findings Mandiant has identified an "expansion in threat activity" using tactics consistent with extortion-themed attacks orchestrated by the ShinyHunters hacking group The attacks leverage advanced voice phishing (vishing) and fake credential harvesting sites to gain unauthorized access to victim environments by collecting sign-on (SSO) credentials and multi-factor authentication (MFA) codes The end goal is to target cloud-based software-as-a-service (SaaS) applications