A new threat intelligence report from Abnormal AI has revealed details of an ongoing, highly sophisticated phishing campaign that has systematically targeted C-suite executives and senior officers across 21 industry sectors over the past five months. Investigations into the campaign's backend infrastructure led to the discovery of a previously undocumented Phishing-as-a-Service (PhaaS) platform named VENOM. From November 2025 through March 2026, this operation demonstrated a marked incre
aitm (6)
The Hoxhunt 2025 Cyber Threat Intelligence Report delivers a sobering message for security professionals: the most dangerous threats are no longer the most obvious ones. As 2026 approaches, enterprises are no longer fighting clumsy, error-riddled bulk spam; they are facing a quiet revolution where sophisticated, convincing attacks blend seamlessly into daily workflows, fueled by AI and advanced token-theft toolkits.
See: https://hoxhunt.com/guide/threat-intelligence-report
The report, based on
“Multi-Factor Authentication stops 99% of all attacks.” It’s a phrase used quite a bit. However, while MFA has become the go-to cybersecurity solution deployed by businesses globally, we must recognize that not all MFA solutions are created equal. Many are as easy to hack with social engineering and phishing as traditional passwords. So, the claim that almost all attacks can be repelled by MFA is an oversimplification at best and insincere at worst.
This raises an important question: if so,
An open source Adversary-in-the-Middle (AiTM) phishing kit has found new users in the cybercrime world for its ability to carry out cyberattacks at scale. Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging name DEV-1101. An AiTM phishing attack typically involves a threat actor attempting to intercept and steal a target's password and session cookies by deploying a proxy server between the user and the website.
Such attacks are more effec
Activity Summary - Week Ending on 12 August 2022:
- Red Sky Alliance identified 23,968 connections from new IPs checking in with our Sinkholes
- ril.com Hit
- Analysts identified 765 new IP addresses participating in various Botnets
- Zeppelin Ransomware
- Exim
- SmokeLoader
- RapperBot
- AiTM Phishing
- BlenderBot
- PortDoor & CotSam
Link to full report: IR-22-224-001_weekly224.pdf
Activity Summary - Week Ending on 29 July 2022:
- Red Sky Alliance identified 25,992 connections from new IPs checking in with our Sinkholes
- Hetzner 10x
- Analysts identified 309 new IP addresses participating in various Botnets
- Ransomware Update
- Adversary-in-the-Middle - AiTM
- South Africa under Attack
- Mercenary Spyware
- T-Mobile
- US Electric Grid
- Kherson Ukraine
Link to full report: IR-22-210-002_weekly210.pdf