According to the cybersecurity firm Proofpoint, multifactor authentication (MFA) defenses are being circumvented by a ready-made phishing tool that has targeted thousands of victims.
The EvilProxy phishing kit has been widely employed by threat actors to go attack cloud targets in order to remotely hijack them. Proofpoint has identified over 1.5 million employees who have been targeted.
Many of these attacks appear to have targeted Microsoft users. Between March and June, Proofpoint detected about 120,000 phishing emails sent to hundreds of organizations worldwide that use Microsoft 365 read more Microsoft accounts targeted by EvilProxy phishing kits.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.