The “SessionShark” phishing toolkit circumvents Microsoft Office 365’s multi-factor authentication (MFA) by stealing session tokens. Marketed as phishing-as-a-service, it targets low-skilled attackers with realistic replicas of login interfaces and advanced evasion techniques. The toolkit alerts attackers in real-time when credentials are submitted, underscoring the need for enhanced security measures beyond MFA to combat evolving threats in cloud environments.
Fake Zoom malware scam tied to North Korean hackers targets crypto users – CoinJournal
Fake Zoom malware scam tied to North Korean hackers targets crypto users CoinJournal
