A new Microsoft 365 phishing service has emerged, so be on your guard

Estimated read time 2 min read


  • Researchers said that Rockstar2FA went quiet in November 2024
  • But a new PaaS emerged soon afterwards, with partly overlapping infrastructure
  • The new PaaS is called FlowerStorm, and it targets Microsoft365 accounts

Cybersecurity researchers from Sophos have warned a new Phishing-as-a-Service (PaaS) tool has emerged, allowing threat actors to easily hunt for people’s Microsoft 365 credentials.

This tool is called FlowerStorm, and it might have emerged from the (defunct) Rockstar2FA, the company revealed, noting how in November, detections for Rockstar2FA have “suddenly gone quiet”.

Source link

You May Also Like

More From Author

+ There are no comments

Add yours