PhishPondPhishing Tradecraft Intelligence

Attack · Detection · Validation

Tag

#Kali365

1 article covering Kali365 across campaign analysis, detection engineering, and defender tradecraft.

Coverage

1 entry

Field Analysis

Dual UseInfrastructure IntelligenceJun 7, 20269 min read

Kali365 Outgrows Microsoft 365: Operator Pivots to Okta, AWS, and a Russian-Language Cluster

Arctic Wolf's June 2 follow-up describes the Kali365 operator expanding well beyond Microsoft 365: Okta SSO, Xerox DocuShare, AWS-style endpoints, and a Russian-language cluster including MAX Messenger account takeover via real SMS OTPs. Proofpoint's research places the kit inside a broader cluster of AI-generated device-code lookalikes.

Read more:Arctic Wolf LabsProofpoint

By PhishPond Desk

Browse Other Tags

#Detection Engineering#OAuth#Identity#Credential Theft#Supply Chain#AiTM#Campaign Analysis#Infrastructure Intelligence#MFA Bypass#SaaS Security#Tradecraft Labs#ClickFix