Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season. The goal of the attacks is to propagate booby-trapped links that direct victims to adversary-in-the-middle (AiTM) phishing pages that are capable of harvesting their credentials and session tokens. "After gaining access to an initial session and token, Storm-0539 registers their own device for subsequent secondary authentication prompts, bypassing MFA protections and persisting in the environment using the fully compromised identity," the tech giant said in a series of posts on X (formerly Twitter). UPCOMING WEBINAR [ Beat AI-Powered Threats with Zero Trust – Webinar for Security Professionals ](https://thehacker.news/zero-trust-attack-surface?source=inside) Traditional security measures won't cut it in today's world. It's time for Zero Trust Security. Secure your data like never before. Join Now The foothold obtained in this manner further acts as a conduit for escalating privileges, moving laterally across the network, and accessing cloud resources in order to grab sensitive information, specifically going after gift card-related services to facilitate fraud. On top of that, Storm-0539 collects emails, contact lists, and network configurations for follow-on attacks against the same organizations,…Read More