Cyber offenders Employ Go Resty and Node Fetch in 13 Million Password Spraying Efforts

In the realm of cybersecurity, wrongdoers are progressively utilizing valid HTTP client utilities to enable account usurpation (ATO) assaults on Microsoft 365 frameworks.

In the realm of cybersecurity, wrongdoers are progressively utilizing valid HTTP client utilities to enable account usurpation (ATO) assaults on Microsoft 365 frameworks.
Proofpoint, a business specializing in enterprise security, has reported detecting campaigns that deploy HTTP clients such as Axios and Node Fetch to dispatch HTTP solicitations and collect HTTP replies from web servers, aiming to execute ATO assaults.
“Initially procured from public

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts