PhaaS actor uses DoH and DNS MX to dynamically distribute phishing
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
Infoblox discovered a phishing kit that creatively employs DNS mail exchange (MX) records to dynamically serve fake, tailored, login pages, spoofing over 100 brands.
OPENCTI LABELS :
cloud,phishing,malspam,morphing meerkat
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
PhaaS actor uses DoH and DNS MX to dynamically distribute phishing