LogoKit update: The phishing kit leveraging open redirect vulnerabilities

JavaScript News Resecurity

Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content. Using highly trusted service domains like Snapchat and other online-services, they create special URLs which lead to malicious resources with phishing kits. The kit identified is named LogoKit, which was previously used in attacks against the customers of Office 365, Bank of America, GoDaddy, Virgin Fly, and many other major financial institutions and … More

The post LogoKit update: The phishing kit leveraging open redirect vulnerabilities appeared first on Help Net Security.