Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/ErikvanStraten/statuses/113930686068837650">Erik van Straten (erikvanstraten@infosec.exchange)'s status on Sunday, 02-Feb-2025 06:11:49 JST</a><a href="https://infosec.exchange/@ErikvanStraten" title="erikvanstraten@infosec.exchange"><img src="https://gnusocial.jp/avatar/279933-48-20240918100907.webp" width="48" height="48" alt="Erik van Straten" style="position: absolute; left: 0; top: 0;">Erik van Straten</a><div><a href="https://infosec.exchange/@patrickcmiller/113930451048112586" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://infosec.exchange/@patrickcmiller">@patrickcmiller</a> : oops, from <a href="https://www.csoonline.com/article/3810936/us-takes-aim-at-healthcare-cybersecurity-with-proposed-hipaa-changes.html" rel="nofollow">https://www.csoonline.com/article/3810936/us-takes-aim-at-healthcare-cybersecurity-with-proposed-hipaa-changes.html</a>:</p><p>"the rollout of multi-factor authentication as a defense against phishing"</p><p>What part of <a href="https://infosec.exchange/tags/Evil" rel="tag">#Evil</a> <a href="https://infosec.exchange/tags/Proxy" rel="tag">#Proxy</a> do these people not understand?</p><p><a href="https://infosec.exchange/tags/EvilProxy" rel="tag">#EvilProxy</a> <a href="https://infosec.exchange/tags/PhaaS" rel="tag">#PhaaS</a> <a href="https://infosec.exchange/tags/EvilGinx2" rel="tag">#EvilGinx2</a> <a href="https://infosec.exchange/tags/Weak2FA" rel="tag">#Weak2FA</a> <a href="https://infosec.exchange/tags/WeakMFA" rel="tag">#WeakMFA</a> <a href="https://infosec.exchange/tags/2FA" rel="tag">#2FA</a> <a href="https://infosec.exchange/tags/MFA" rel="tag">#MFA</a> <a href="https://infosec.exchange/tags/Phishing" rel="tag">#Phishing</a> <a href="https://infosec.exchange/tags/TwoStepVerification" rel="tag">#TwoStepVerification</a> <a href="https://infosec.exchange/tags/FakeWebsite" rel="tag">#FakeWebsite</a> <a href="https://infosec.exchange/tags/AitM" rel="tag">#AitM</a> <a href="https://infosec.exchange/tags/MitM" rel="tag">#MitM</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4491637#notice-8794255">In conversation</a><time datetime="2025-02-02T06:11:49+09:00" title="Sunday, 02-Feb-2025 06:11:49 JST">about 2 months ago</time> <span>from <span><a href="https://infosec.exchange/@ErikvanStraten/113930686068837650" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@ErikvanStraten/113930686068837650">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.csoonline.com</div><h5><a href="https://www.csoonline.com/article/3810936/us-takes-aim-at-healthcare-cybersecurity-with-proposed-hipaa-changes.html">US takes aim at healthcare cybersecurity with proposed HIPAA changes</a></h5><div></div></header><div>Security experts welcome proposed changes to the regulation’s security rules while warning about political uncertainty, feasibility, and the potential cost to healthcare orgs.</div><footer></footer></article></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4064227">Screenshot grabbed from the video right below "Microsft 2FA" [sic] in https://www.resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-webThis screenshot was made after the user was asked to enter their email address and their password; shown is the website asking for the user's 2FA/MFA data.A browser can be seen with, in its address bar, a lock icon followed by (I inserted '[' and ']' to prevent accidental opening):login-live.rproxy[.]io/ (irrelevant stuff)In the webpage (which has the typical gradient Microsof colors) a dialogbox is dislplayed, with the following info and fields:[MS logo] Microsoft&lt;email address blurred by ReSecurity&gt;Approve sign-in request! Because you've turned on two-step verification, you need to approve request X4Z7F on your Microsof Authenticator app.[   ] I sign in frequently from this device. Don't ask me to approve resuests here.&lt;link&gt; I can't use my Microsoft Authenticator app right now</a></label><br><a href="https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/930/584/666/414/026/original/b6bb841063fa2756.jpg" rel="external">https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/930/584/666/414/026/original/b6bb841063fa2756.jpg</a></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Erik van Straten (erikvanstraten@infosec.exchange)'s status on Sunday, 02-Feb-2025 06:11:49 JSTErik van Straten
in reply to
- Patrick C Miller :donor:
@patrickcmiller : oops, from https://www.csoonline.com/article/3810936/us-takes-aim-at-healthcare-cybersecurity-with-proposed-hipaa-changes.html:
"the rollout of multi-factor authentication as a defense against phishing"
What part of #Evil #Proxy do these people not understand?
#EvilProxy #PhaaS #EvilGinx2 #Weak2FA #WeakMFA #2FA #MFA #Phishing #TwoStepVerification #FakeWebsite #AitM #MitM
In conversationabout 2 months ago from infosec.exchangepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.csoonline.com
  US takes aim at healthcare cybersecurity with proposed HIPAA changes
  Security experts welcome proposed changes to the regulation’s security rules while warning about political uncertainty, feasibility, and the potential cost to healthcare orgs.
2. Screenshot grabbed from the video right below "Microsft 2FA" [sic] in https://www.resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web This screenshot was made after the user was asked to enter their email address and their password; shown is the website asking for the user's 2FA/MFA data. A browser can be seen with, in its address bar, a lock icon followed by (I inserted '[' and ']' to prevent accidental opening): login-live.rproxy[.]io/ (irrelevant stuff) In the webpage (which has the typical gradient Microsof colors) a dialogbox is dislplayed, with the following info and fields: [MS logo] Microsoft <email address blurred by ReSecurity> Approve sign-in request ! Because you've turned on two-step verification, you need to approve request X4Z7F on your Microsof Authenticator app. [ ] I sign in frequently from this device. Don't ask me to approve resuests here. <link> I can't use my Microsoft Authenticator app right now
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/930/584/666/414/026/original/b6bb841063fa2756.jpg

Public

Embed Notice

HTML Code

Corresponding Notice