A new Microsoft 365 phishing service has emerged, so be on your guard




  • Researchers said that Rockstar2FA went quiet in November 2024
  • But a new PaaS emerged soon afterwards, with partly overlapping infrastructure
  • The new PaaS is called FlowerStorm, and it targets Microsoft365 accounts

Cybersecurity researchers from Sophos have warned a new Phishing-as-a-Service (PaaS) tool has emerged, allowing threat actors to easily hunt for people’s Microsoft 365 credentials.

This tool is called FlowerStorm, and it might have emerged from the (defunct) Rockstar2FA, the company revealed, noting how in November, detections for Rockstar2FA have “suddenly gone quiet”.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *