I am admiring the restraint of the reporting I'm seeing of Kohler's false security claims about their toilet-bowl camera. I can't understand how every headline isn't an END-to-end encryption joke. It's right there.
#infosec #Kohler

Don’t let MFA lull you into complacency. Advanced phishing kits can still slip through.

Before the Thanksgiving holiday, one of our customers alerted us to an Evilginx MITM phishing campaign targeting university students and SSO portals. At least 18 American institutions were targeted.

We tested several approaches for large-scale detection, including analyzing web server fingerprints and HTTP artifacts. However, this proved challenging because Evilginx operates as a proxy between the victim’s browser and the legitimate login page, making its behavior and content nearly indistinguishable from the real site. In the end, we mostly relied on DNS for confirmation and classification.

Here is a short blog about the campaign and actor, including involved domains and IPs.

https://blogs.infoblox.com/threat-intelligence/dns-uncovers-infrastructure-used-in-sso-attacks/

#InfobloxThreatIntel #dns #evilginx #threatintel #threatintelligence #infosec #cybersecurity #cybercrime #infoblox #phishing #mitm #aitm #sso #mfa #university #students #proxy #login

RE: https://mastodon.social/@eff/115640181870621700

Wow, looked up Miami and couldn't stop scrolling to see all of the surveillance tools that are used here. :(

This is a fantastic resource!

#Privacy #Security #Miami #Florida #Tech #Cybersecurity #InfoSec

RE: https://mastodon.social/@eff/115640181870621700

Wow, looked up Miami and couldn't stop scrolling to see all of the surveillance tools that are used here. :(

This is a fantastic resource!

#Privacy #Security #Miami #Florida #Tech #Cybersecurity #InfoSec