Detecting and mitigating a multi-stage AiTM phishing and BEC campaign | Microsoft Security Blog
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign | Microsoft Security Blog
Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple su...
Microsoft researchers have discovered an emerging cluster of TTP's they have named Storm-1167 being used by an unknown threat actor to target banking and financial services institutions.
This threat actor has been utilizing phishing emails for initial compromise, then using compromised inboxes to further distribute their malicious phishing emails.
The threat actor has been observed taking steps to minimize detection and to establish persistence.