New VENOM Phishing Attacks Steal Senior Executives’ Microsoft Logins

Threat actors using a new phishing-as-a-service platform called VENOM have been targeting Microsoft logins of senior executives since at least last November. The attacks impersonate Microsoft SharePoint notifications with highly personalized emails and QR codes leading victims to sophisticated credential-harvesting pages that bypass traditional protections like MFA, highlighting the need for stronger authentication measures such as FIDO2 and stricter access policies.

https://www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top