Security News > 2024 > September > Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
2024-09-16 04:23
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials. "Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content," Palo Alto
News URL
https://thehackernews.com/2024/09/cybercriminals-exploit-http-headers-for.html
Related news
- Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- HTTP your way into Citrix's Virtual Apps and Desktops with fresh exploit code (source)
- GoIssue phishing tool targets GitHub developer credentials (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Cybercriminals hijack DNS to build stealth attack networks (source)