Posts

Showing posts with the label MFA

New Attack Vector: ADFS and Office.com Exploited for Microsoft 365 Credential Theft

A new phishing campaign is making waves in the cybersecurity community, targeting Microsoft 365 users by exploiting Microsoft’s own Active Directory Federation Services (ADFS). What makes this attack particularly dangerous is that it uses legitimate office.com links as part of the lure, giving victims a false sense of security before redirecting them to malicious login pages.

How the Attack Works

Researchers at Push Security uncovered this campaign, noting that it represents a major evolution in phishing techniques. Instead of relying on suspicious emails or obvious fake websites, the attackers are leveraging malvertising—malicious ads placed on search engines. For example, a user searching for “Office 365” may see a sponsored link that looks completely legitimate. Clicking it takes them to a genuine outlook.office.com URL. However, that URL is carefully crafted to trigger a redirect controlled by the attackers. The key lies in abusing ADFS, which normally provides single sign-...

OAuth and DKIM Exploited in Widespread Gmail Phishing Attack

A highly advanced phishing campaign has emerged, targeting Gmail’s massive user base of over 3 billion by leveraging legitimate Google services to evade standard email defenses. The attackers are using OAuth-based applications and exploiting DomainKeys Identified Mail (DKIM) validation techniques to craft messages that mimic genuine Google security alerts—effectively slipping past traditional security filters and even multi-factor authentication (MFA).

These phishing messages are cleverly disguised as critical security warnings, such as notices about legal subpoenas or urgent account issues. Because the emails are cryptographically signed and technically legitimate, they land directly in users’ inboxes with no spam or phishing warnings, often appearing in the same conversation thread as real messages from Google. The phishing mechanism directs recipients to fake Google Support pages hosted on sites.google.com—a trusted domain—rather than the legitimate accounts.google.com authentic...

PAM Automation Scripts: Don’t Forget to Secure Admin Credentials

While IT executives understand the essential role privileged access management (PAM) solutions play in their organization’s overall security strategy, they’ve also continued to ask their PAM administrators to do more with fewer resources. To meet these additional asks, PAM admins have automated routine PAM tasks using scripts. PAM automation scripts can significantly lessen the burden on PAM admins and enable organizations to scale PAM usage across their entire enterprise.

1- Why Are PAM Automation Scripts So Powerful?

A PAM admin’s daily responsibilities typically revolve around the lifecycles of privileged users in their organization and require high levels of privilege. For example, when a privileged user joins the organization, the PAM admin has to add them to the right safes and grant them the permissions they need to perform their privileged tasks. If a user leaves an organization, all that access has to be revoked to ensure the organization remains secure. These process...