The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.
Security Boulevard

Starkiller Phishing Framework Bypasses Defenses with Reverse Proxies, Takes an SaaS Approach

Starkiller is a new SaaS-style phishing framework that runs real brand websites inside headless Chrome containers, acting as a live reverse proxy to steal credentials, session tokens, and ...
Dark Reading

EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA

A phishing-as-a-service offering being sold on the Dark Web uses a tactic that can turn a user session into a proxy to bypass two-factor authentication (2FA), researchers have found. The service, ...
Bleeping Computer

Latest Reverse Proxy news

The Ngioweb botnet, which supplies most of the 35,000 bots in the cybercriminal NSOCKS proxy service, is being disrupted as security companies block traffic to and from the two networks. EvilProxy is ...
TechSpot

New reverse proxy tool posted on Github can easily bypass 2FA and automate phishing attacks

What just happened? A security researcher in Poland has released a tool that automates phishing attacks and can easily bypass two-factor authentication (2FA). Piotr Duszynsky released the tool a few ...