Skip to content

Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

  • by

​An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it: python3 -m http.server 8080, was still sitting in the readable .bash_history.

From that one lapse, French security firm Lexfo lifted the operator’s entire toolkit and pivoted through it to two more An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it: python3 -m http.server 8080, was still sitting in the readable .bash_history.

From that one lapse, French security firm Lexfo lifted the operator’s entire toolkit and pivoted through it to two more  The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *