Category: adversary in the middle

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream Attack matches three-year long pattern of ScreenConnect attacks tracked by Sophos MDR as STAC4365. gallagherseanm Go to sophos

April 2, 2025
Stealing user credentials with evilginx

Stealing user credentials with evilginx A malevolent mutation of the widely used nginx web server facilitates Adversary-in-the-Middle action, but there’s hope Angela Gunn Go to sophos

March 29, 2025

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream