Security News > 2024 > August > New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials

2024-08-28 06:49
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes. "By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves," Netskope Threat
News URL
https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.html
Related news
- Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Russian phishing campaigns exploit Signal's device-linking feature (source)
- Google binning SMS MFA at last and replacing it with QR codes (source)
- Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators (source)
- How QR code attacks work and how to protect yourself (source)