Tag
ABSTRACT The FBI recently issued an advisory on Kali365, a Phishing-as-a-Service platform that abuses legitimate Microsoft OAuth flows to bypass multi-factor authentication. Kali365 is a Phishing-as-a-Service platform that bypasses Microsoft MFA by abusing the OAuth Device Code Flow. For $250, an operator with minimal skill acquires enterprise-grade identity compromise capability. The technique does not break … Read more
Intelligence · Phishing Kit · Q1 2026 April 24, 2026Fortgale CTI14 min readRPT-26-0424 Observation of the quarter The 2026 phishing ecosystem has outpaced traditional defenses. MFA alone is not enough. The answer is not one more product but a managed defense that combines phishing-resistant authentication, session-level detection, intelligence-driven and AI triage. An attack is not … Read more
In the high-stakes world of venture capital and corporate funding, where millions hang in the balance and sensitive financial data flows freely, a new breed of cyber threat is emerging. Imagine receiving an email that looks like a golden opportunity—a potential investor reaching out just as your company navigates a critical funding round. It’s polished, … Read more
UPDATES: 27.11.2024: As mentioned by TrustWave, “Supercar Phishing Kit” has an high level of overlapping with the most recent update of “Rockstar 2FA Phishing-as-a-Service” 26.09.2024: As mentioned by Any.Run, “Supercar Nebula” has an high level of overlapping with “Storm-1575“ In August 2024, Fortgale identified and analyzed an extensive phishing campaign employing a previously publicy undocumented … Read more
In the ever-evolving landscape of cyber threats, threat actors are constantly seeking new and innovative ways to deceive and compromise unsuspecting targets. One of the latest techniques that Fortgale observed gaining prominence over the last few months is the utilization of QR codes in phishing email campaigns (Spearphishing Technique – T1566). In this article, we … Read more
Widespread phishing campaign weaponising open-redirect parameters on legitimate domains to bypass URL reputation filters and reach corporate inboxes.
Security trade-offs of moving corporate email to cloud platforms (Microsoft 365, Google Workspace): attack surface, account takeover patterns, MFA hardening and detection requirements.
Phishing campaigns observed during January 2019: lure templates, payload delivery and indicators across waves targeting Italian organisations.
