Threat Actors Abuse Railway.com PaaS as Microsoft 365 Token Attack Infrastructure | Huntress Huntress linked a large-scale Microsoft 365 device-code phishing campaign to the EvilTokens Phishing-as-a-Service ecosystem and Railway.com PaaS infrastructure, which provided token-harvesting backends and scalable phishing tooling. The campaign used multi-hop redirect chains and trusted third-party services (including Cloudflare workers and email-security URL rewriters) to evade filters, prompting Huntress to block Railway IP ranges and push Conditional Access mitigations. #EvilTokens #Railway

Huntress links large Microsoft 365 device-code phishing campaign to EvilTokens PhaaS using Railway.com PaaS for token harvesting and scalable phishing. Multi-hop redirects and trusted services helped evade filters. #EvilTokens #PhishingTools #USA

Free Sniper Dz Phishing Tools Fuel 140,000+ Potato Attacks Targeting User Credentials
themashernews.com/2024/10/free...
#Infosec #Security #Potatosecurity #CeptBiro #FreeSniperDz #PhishingTools #PotatoAttacks #UserCredentials

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials Discover how Sniper Dz, a free phishing-as-a-service platform, enables large-scale credential theft with 140,000+ linked websites and easy-to-use tool

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
thehackernews.com/2024/10/free...
#Infosec #Security #Cybersecurity #CeptBiro #FreeSniperDz #PhishingTools #CyberAttacks #UserCredentials