Secondary attack vectors after email breaches

Beware of an active integrated credential phishing and cloud Account Takeover (ATO) campaign. It was originally detected by Proofpoint researchers in late November 2023. This campaign uses individualized phishing lures within shared documents, including embedded links to 'view document' that lead to a malicious phishing webpage. The targets of this attack are often senior positions, including sales directors, account managers, and finance managers. Even individuals holding executive positions such as 'vice president, operations,' 'chief financial officer & treasurer,' and 'president & CEO' were among those targeted, according to the researchers. During the access phase of the attack, the attackers use a specific Linux user-agent for accessing OfficeHome sign-in application and gain access to a range of native Microsoft365 apps. Defenders can use this information as an indicator of compromise (IOC) as the user-agent reads: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36". Once the initial access succeeds, the attackers manipulate multi-factor authentication (MFA) to maintain persistence. This can include registering a fake phone number for SMS authentication or adding a separate authenticator with notification and code. Subsequent activity is likely to include data exfiltration, internal and external phishing, financial fraud, and compromise obfuscation through new mailbox rules to cover tracks and remove evidence of malicious activity from the victims’ mailboxes. Stay vigilant, and be cautious when clicking on shared documents or links, especially if they are individualized and come from an unverified source.

QR Code Abuse: A Silent Pathway to Account Takeovers As QR codes get embedded across login workflows, payments, and document sharing, adversaries have started weaponizing them at scale. 🚨 Two High-Impact Attack Vectors: 🔹 Quishing (QR Phishing): Malicious QR codes embedded in emails, PDFs, posters, or even social engineering messages redirect victims to spoofed login pages. Targeted services often include #O365, #GoogleWorkspace, and banking portals. Since QR scans bypass link filtering in secure email gateways, these payloads are harder to detect. 🔹 QRLjacking (QR Login Hijacking): Abuses legitimate "Scan to Login" functionality (WhatsApp Web, Discord , Paytm e.t.c). 1. Attacker initiates a legitimate login session. 2. Extracts the QR login token. 3. Embeds it on a phishing site. 4. Victim scans it, and the session is instantly hijacked — no password or OTP required. Attackers now have persistent access to the victim’s account or device session. 🔬 Threat Researcher OSINT Stack for QR Code Investigations: 🧩 QR Code Decoding & Content Analysis zxing.org, zbarimg, qrdecode, pyzbar ExifTool for extracting source metadata (image origin, timestamps) 🌐 Payload & Infrastructure Analysis urlscan.io (visual rendering, redirection chains) VirusTotal (URL/file behavior scoring) #OpenPhish, #PhishTank (reputation checks) Shodan , Censys (fingerprinting backend infra) SecurityTrails, WhoisXML (passive DNS, domain history) 📩 Phishing & Email Exposure Checks Hunter.io, EmailRep, #HaveIBeenPwned 📌 Bonus: Maltego for graphing infrastructure, identity pivots, and domain/email correlations. Sandboxes : ANY.RUN , Recorded Future Triage 🛡️ Blue Team Guidance Implement image scanning pipelines to decode QR content in attachments or inbound comms. Limit QR-based login token lifetime (<60s), bind sessions to device/IP, and enforce logout after single use. Monitor anomalous login patterns via QR (new locations, UA, geo spread). Train users on recognizing QR phishing lures — especially in hybrid PDF/email formats. QR-based attacks blend low visibility with high conversion — particularly effective on mobile-first users. These vectors are now actively discussed in underground forums and open-source #phishing kits. 🔎 For threat researchers, QR-based attack surfaces are now a critical inclusion in phishing and ATO investigations. #ThreatIntelligence #CyberSecurity #QRLjacking #QRPhishing #OSINT #MalwareAnalysis #AccountTakeover #PhishingKits #IncidentResponse #Infosec #CyberThreatResearch #QRcodeSecurity #RedTeamOps #BlueTeamDefense #SecurityAwareness #APTtradecraft #VirusTotal #anyrun

Here’s a fascinating AI-based attack vector that exfils data just by sending an email: New technology brings new attack surface. New attack surface brings new attack vectors. Today, I want to share one such attack vector that tricks Microsoft Copilot into leaking secrets, just by sending an email! Read on (credits: Aim Labs report) 𝗔𝘁𝘁𝗮𝗰𝗸 𝗙𝗹𝗼𝘄: 1) Attacker sends a harmless-looking email to a Copilot-enabled user > It contains text written in markdown (more on this later) > This sits in user inbox. 2) Later, the user asks Copilot something innocent like: “Summarize my inbox”. 3) Copilot now scans the user inbox (including the above email). 4) Inside the email body, attacker includes a malicious markdown snippet such as below:  5) Copilot parses the above link > Reads the instructions to insert secret API key > Queries Microsoft Graph to look up the value within user's context > Replaces it >Inserts the full link with the real secret into its response. 6) Co-pilot shows the reply > Browser tries to load the image > This creates a GET request to the attacker’s server, carrying data in the URL > Attacker retrieves the secret! 𝗔 𝗙𝗲𝘄 𝗧𝗵𝗼𝘂𝗴𝗵𝘁𝘀: 1) The most interesting part is this: No malware. No user clicks. The attacker simply tricks the mighty LLM against itself to leak sensitive data from the LLM context. This is called a "Cross Prompt Injection Attack". 2) There are classifiers, but they struggle to catch these. Why? With traditional bugs such as XSS, input structure is well-defined and easier to validate. With LLM, inputs are unstructured, making detection much harder. 3) You may ask: how do attackers ensure their email gets into the summary? They use a technique called RAG spraying: → Send multiple versions of the email → Make the email look urgent or long This boosts its chances of being picked up in Copilot’s summary. 4) The core problem is simple: An untrusted email triggers Copilot to look up trusted internal information. This is possible because of the way "RAG" based chatbots work. 5) RAG-based chatbots pull data from multiple contextual sources. For ex, M365 Copilot uses Microsoft Graph to access a user’s emails, OneDrive, Office files, SharePoint, and Teams chats etc. all within their permission scope. But even these personal files can contain sensitive information. 6) This bug is declared a CVE and is now fixed. But it’s a reminder that the deeper AI goes into our workflows, the bigger the attack surface becomes. If you enjoyed this or learned something, follow me at Rohit Tamma for new posts every week! #cybersecurity #aisecurity #infosec #applicationsecurity #threatdetection #hacking