Phishing Campaigns Now Adapt to Victims’ Devices, Raising the Stakes for Enterprise Security
ID: 7fa5d706-c223-587f-b30a-90e56c2e1cad
STIX ID: report--7fa5d706-c223-587f-b30a-90e56c2e1cad
Feed Name: Security Boulevard
Attackers are increasingly using post-click device and browser fingerprinting to serve customized phishing pages and platform-specific malware (examples include FleetDeck for macOS and Tiflux RAT for Windows). Campaigns leverage Cloudflare user-agent detection to redirect victims, repurpose legitimate remote access tools to evade signature-based detection, and use services like Telegram for exfiltration. Organizations with mixed OS environments and hybrid workforces are particularly at risk; defenders should expand visibility beyond email to include redirect chains, browser behavior, and post-click activity, and reinforce phishing-resistant authentication and user training.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
