Man-in-the-Middle (MitM) Attack - Security Intelligence

Woman working on a computer: MitM Attack

news

Malware Campaign Uses MitM Attack to Distribute Plead Backdoor

Threat actors have launched a new malware campaign that uses an MitM attack to infect unsuspecting users with the Plead backdoor.

May 15, 2019 | By David Bisson

news

Two programmers working on security controls to detect black market tls/ssl certificates

article

Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security

Some of the latest website security threats originate from thriving dark web marketplaces for TLS/SSL certificates, which often come packaged with other cybercrime services.

April 11, 2019 | By Koen Van Impe

article

Security researchers analyzing a TrickBot attack campaign

news

TrickBot Creators Collaborate With BokBot to Conduct Man-in-the-Middle Attacks

Security researchers warn that the cybercriminals behind the TrickBot and BokBot banking Trojans are now collaborating to perform man-in-the-middle (MitM) attacks.

March 25, 2019 | By Shane Schick

news

Illustration representing a malware infection on a smartphone as part of a MitM attack.

news

iTranslator Malware Installs Two Drivers to Perform a MitM Attack

Researchers from FortiGuard Labs discovered a malware sample called iTranslator that installs two drivers onto infected machines to perform man-in-the-middle (MitM) attacks.

October 12, 2018 | By David Bisson

news

Private detective sitting in a car doing surveillance work with a camera.

news

ISPs May Be Colluding With FinFisher Surveillance, According to Researchers

FinFisher campaigns may be using ISPs to infect users' machines. This is the first time that ISPs have been detected as an infection mechanism.

September 25, 2017 | By Larry Loeb

news

Hands typing code on a laptop with a smartphone on the keyboard and another computer monitor displaying an encrypted password in the background.

news

Forgot Password? Man-in-the-Middle Attack Can Perform a Password Reset, Researchers Warn

Many high-profile online services are vulnerable to a new type of attack that could enable fraudsters to intercept password reset requests.

June 26, 2017 | By Larry Loeb

news

Three people using various devices in a cafe.

article

More Mobile Apps Means More Man-in-the-Middle Attacks

Mobile devices that contain unsanctioned apps are particularly vulnerable to man-in-the-middle attacks, especially when connected to unsecured Wi-Fi.

June 21, 2017 | By David Strom

article

A man turning off a morning alarm on a cellphone.

news

Wake-Up Call: Millions of Android Users at Risk of MitM Attacks

Security researchers at Zimperium zLabs found a vulnerability in the AirDroid app that could enable a cybercriminals to execute MitM attacks.

December 5, 2016 | By Mark Samuels

news

Most banks require users to provide personal information in real time to authenticate transactions. Attackers use interactive phishing scams to converse with users in real time through a fake website designed to emulate that of the victim's bank.

article

New, Live, Interactive Phishing Attacks Emerge in Brazil

The newest threat on Brazil's thriving online fraud scene is interactive phishing, which allows an attacker to steal a victim's personal data in real time.

October 3, 2016 | By Limor Kessem

article

It's important to be aware of this software vulnerability, but it's somewhat uncommon and ineffective given the degree of difficulty in modifying proxy traffic. An unskilled criminal looking for a quick buck is unlikely to use this type of attack.

news

Proxy Connects Show Evidence of a Software Vulnerability

A security researcher recently discovered a software vulnerability that allows attackers to exploit the way applications respond to HTTP CONNECT requests.

August 18, 2016 | By Larry Loeb

news

Many of Baltimore’s City Services Still Offline Two Weeks After Ransomware Attack

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Phishing Campaign Delivers Multi-Feature, Open-Source Babylon RAT

More Than 100 US Businesses Affected by Ryuk Ransomware Since August 2018, Finds FBI

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Penetration Testing Versus Red Teaming: Clearing the Confusion

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast: ‘You Can Never Have Too Much Encryption’

Podcast: Automating Cyber Resilience Best Practices With Dr. Larry Ponemon

Webinar: Guardium Tech Talk: An Integrated Approach to Data Risk Management

Webinar: The Debrief: Using Tools and Methods From the Intelligence Community to Stop Threats to Your Organization

Webinar: Operational Technology Security in the Age of Digital Transformation

Webinar: Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on the Cyber Resilient Organization

Tag: Man-in-the-Middle (MitM) Attack

Malware Campaign Uses MitM Attack to Distribute Plead Backdoor

Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security

TrickBot Creators Collaborate With BokBot to Conduct Man-in-the-Middle Attacks

iTranslator Malware Installs Two Drivers to Perform a MitM Attack

ISPs May Be Colluding With FinFisher Surveillance, According to Researchers

Forgot Password? Man-in-the-Middle Attack Can Perform a Password Reset, Researchers Warn

More Mobile Apps Means More Man-in-the-Middle Attacks

Wake-Up Call: Millions of Android Users at Risk of MitM Attacks

New, Live, Interactive Phishing Attacks Emerge in Brazil

Proxy Connects Show Evidence of a Software Vulnerability