Security News > 2024 > September > Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
2024-09-16 04:23
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials. "Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content," Palo Alto
News URL
https://thehackernews.com/2024/09/cybercriminals-exploit-http-headers-for.html
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Cybercriminals shift focus to social media as attacks reach historic highs (source)
- Russian phishing campaigns exploit Signal's device-linking feature (source)