In the last phishing blog we discussed how modern phishing works on the frontend. Read on to find out how threat actors can easily find and authenticate a suitable domain by modifying both Gophish and Evilginx to evade security controls In the last phishing blog we discussed how modern phishing works on the frontend. Here we go behind the scenes to dissect how to configure and authenticate a good domain for your phishing campaign using Apache as Reverse Proxy. Excited? You caught the hook, read on!

Social engineering is the art of manipulating people so that they give up confidential information or perform an action you ask them to do. Social engineers are usually trying to trick victims into giving them their credentials, bank information or access to computers to secretly install malicious software. Find out how phishing actually works and what you can do to reduce the risk.

Social engineering is the art of manipulating people, so that they give up confidential information or perform an action you ask them to do. Read and learn first hand how modern phishing works to trick victims into giving up their credentials, bank information or computer access to secretly install malicious software. Adversaries use social engineering tactics because it is often easier and quicker to exploit human nature than to hack their way in.

During the recent Rootedcon conference in Spain, we delivered a talk about ransomware, and this blog post serves as a commentary of the insights presented about Ransomware as a Service (RaaS): how it really works; how the threat actors operate these attacks; and how organizations can analyze the attacks and take preemptive measures in the event of future attacks.