You have to invite them in
⚠️ Region Alert: UAE/Middle East This edition of the Threat Source newsletter explores the evolving landscape of identity-based attacks, using an analogy of vampire mythology to describe how attackers now seek to be "invited in" rather than forcing entry. Data from the upcoming 2025 Talos Year in Re
Mark0
⚠️ Region Alert: UAE/Middle East
This edition of the Threat Source newsletter explores the evolving landscape of identity-based attacks, using an analogy of vampire mythology to describe how attackers now seek to be "invited in" rather than forcing entry. Data from the upcoming 2025 Talos Year in Review indicates that nearly a third of MFA spray attacks targeted Identity Access Management (IAM) applications, alongside a 178% surge in fraudulent device registrations. Attackers are increasingly leveraging social engineering and adversary-in-the-middle phishing kits to capture legitimate credentials and session tokens.
The newsletter also provides a critical update on the security situation in the Middle East, specifically noting that a recent attack on medical equipment manufacturer Stryker appears opportunistic. However, the broader threat landscape remains elevated due to regional military operations, particularly involving Iranian threat actors known for destructive malware. Additional headlines cover new .NET AOT malware evasion techniques, the expansion of the SideWinder espionage campaign in Southeast Asia, and a novel Android trojan that uses silent audio loops to maintain persistence.
Found this useful? Share it!
Read the Full Story
Continue reading on Dev.to
Related Stories
Hiring Senior Full Stack Developer (Remote, USA)
about 2 hours ago
How I Built a Multi-Tenant WhatsApp Automation Platform Using n8n and WAHA
about 2 hours ago
I Built an Instant SEO Audit API — Here's What I Learned About Technical SEO
about 3 hours ago
SJF4J: A Structured JSON Facade for Java
about 3 hours ago