Indian government entities and the defense sector have been targeted by a phishing campaign engineered to drop Rust-based malware for intelligence gathering, dubbed Operation RusticWeb by enterprise security firm SEQRITE. The activity, detected in October 2023, has been linked to Pakistani threat group SideCopy. The malware collects system information and exfiltrates confidential documents to a web-based service engine.
Session tokens give attackers a shortcut around MFA
In this Help Net Security video, Simon Wijckmans, CEO at cside, discusses why session token theft is rising and why security teams miss it. He
