Security News
The rising adoption of multi-factor authentication for online accounts pushes phishing actors to use more sophisticated solutions to continue their malicious operations, most notably reverse-proxy tools. The increasing use of MFA has pushed phishing actors to use transparent reverse proxy solutions, and to cover this rising demand, reverse proxy phish kits are being made available.
One of the more popular reverse proxy tools at the moment is NGINX. Although NGINX itself is a web server, it does an outstanding job of serving as a reverse proxy. Sudo systemctl start nginx sudo systemctl enable nginx How to create a new NGINX config file.
Researchers created a proof-of-concept attack that allows remote attackers to access protected APIs to extract credentials.