ManageEngine x Forrester | Workforce Identity Platforms Landscape Report

Recent AD News

Researchers have discovered a new phishing tactic


Passwords and other sensitive information can now be easily obtained using a variety of phishing methods. However, a new phishing tactic known as the BitB attack has recently been uncovered, and it is so perfectly crafted that most people would fall for it.

This method entails creating a bogus pop-up login window that displays on a website. By combining HTML with CSS, threat actors create a bogus pop-up login window that appears on a web page. Threat actors integrate an iframe pointing to a malicious server. This server hosts the phishing web page into the browser’s window design, ensuring that the server remains undetectable.

This new phishing technique was discovered by a cybersecurity analyst known as mrd0x.
mrd0x stated, “Combine the window design with an iframe pointing to the malicious server hosting the phishing page, and it’s basically indistinguishable. JavaScript can be easily used to make the window appear on a link or button click, on the page loading, etc.”

Related posts
Recent AD News

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

Recent AD News

Bumblebee: A new malware loader on the prowl

Recent AD News

FBI issues alert: A lethal ransomware that breached 60 companies

Recent AD News

Israel's Pegasus spyware finds a new target


There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.