Davey Winder is a technology journalist who covers cybersecurity news and research. He’s covered everything from the true story behind the hacking of Donald Trump’s nude photos to a record-breaking ransomware payment of $75 million.
Update, Nov. 30, 2024: This story, originally published Nov. 29 now includes more information about how hackers are able to bypass your two-factor authentication security protection during attacks such as those using the Rockstar 2FA exploit kit .
Rockstar 2FA, an updated version of the DadSec phishing kit, is known to be used by a threat actor tracked as Storm-1575. Crucially, Storm-1575 is known to have been behind some of the most prolific phishing campaigns during 2023 with the DadSec kit at the heart of it all. With thousands of subscribers to the various underground channels where the updated Rockstar 2FA kit is being rented, the risk this year and beyond is easy to comprehend.
The Trustwave SpiderLabs researchers gave multiple examples, including the three methods highlighted below, of how the Rockstar 2FA kit is used.This used a new method of URL redirection by way of OneDrive to host the URL shortcut files. “In this case,” Trustwave said, “unsuspecting users who click on the .url file are automatically redirected to the phishing landing page via a new browser tab.” It’s a seamless redirection technique that effectively hides the actual destination URL from the user.
Rockstar Phishing Kit Phishing Phishing Kit Exploit Kit Rockstar Exploit 2FA Bypass Two-Factor Authentication Code Metacert Trustwave
South Africa Latest News, South Africa Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Google And Microsoft Users Warned—Rockstar 2FA Bypass Attacks IncomingDavey Winder is a technology journalist who covers cybersecurity news and research. He’s covered everything from the true story behind the hacking of Donald Trump’s nude photos to a record-breaking ransomware payment of $75 million.
Read more »
X Rival Bluesky Is Adding Millions Of Users Post-Election — Reaching 18 Million UsersBluesky which was developed by Twitter in 2019 has become one of the fastest growing apps as users become disenchanted with X in the aftermath of the election.
Read more »
Microsoft introduces PC that has one job: connect users to their computers in the cloudMicrosoft’s latest stripped-down device is designed for corporate use and includes a new operating system.
Read more »
Microsoft tries to convince Windows 10 users to buy a new PC with full-screen promptsMicrosoft wants some Windows 10 users to upgrade their hardware. It’s using fullscreen prompts to tempt Windows 10 users to switch to Copilot Plus PCs.
Read more »
Microsoft Update Decision—Alarming News For Millions Of Windows UsersZak Doffman has covered security, surveillance and privacy on Forbes since 2018, focusing on the latest updates from the world’s largest tech companies, staying safe on smartphones and social media, and the dangers of AI.
Read more »
Windows Users Must Update Now As Microsoft Confirms 4 New Zero-DaysDavey Winder is a technology journalist who covers cybersecurity news and research. He’s covered everything from the true story behind the hacking of Donald Trump’s nude photos to a record-breaking ransomware payment of $75 million.
Read more »