AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Risky Bulletin
Sponsored: Proofpoint on the rise of ClickFix attacks
Dec 8, 2024
Selena Larson, a Senior Threat Intelligence Analyst at Proofpoint, dives into the unsettling world of cybersecurity threats. She reveals how attacker-in-the-middle phishing techniques are evolving to outsmart two-factor authentication. The discussion also uncovers the rising 'click fix' attacks, where cybercriminals masquerade as tech support to install malware on unsuspecting users' devices. With insights on credential theft and defensive strategies, Larson emphasizes the need for heightened awareness and smarter security practices.
13:16
Episode guests
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Attacker-in-the-Middle phishing is increasingly prevalent, employing advanced techniques to effectively bypass multi-factor authentication and steal sensitive information.
- The evolution of social engineering, particularly the ClickFix tactic, emphasizes the importance of user awareness and proactive security measures against malware threats.
Deep dives
Prevalence of Attacker-In Phishing
Attacker-in phishing is becoming increasingly common, particularly through techniques like reverse proxies and relays, which allow threat actors to steal usernames, passwords, and multi-factor authentication (MFA) tokens. Kits such as Mamba and Tycoon exemplify these phishing methods, with services like Evil Proxy and Evil Jinx facilitating the attacks by rewriting sites in real-time. The sheer volume of these phishing campaigns is significant, often targeting O365 and Gmail credentials with thousands of phishing messages sent out. As MFA is widely used, attackers have adapted by utilizing these advanced techniques to bypass defenses, reinforcing the necessity for organizations to enhance their security measures.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode