Tag

Man in the Middle Attack

posts

Man in the Middle Attack

Man in the Middle Attack: How Hackers Steal Data

In January 2024, security researchers at Checkmarx uncovered a massive man in the middle attack campaign targeting the Python Package Index (PyPI), where threat actors intercepted developer credentials and injected malicious code into software supply chains. The attack went undetected for months. This wasn't some exotic nation-state operation

Carl B. Johnson Jul 05, 2026 6 min read
Man in the Middle Attack

Man in the Middle Attack: How Hackers Steal Data

In 2019, a Lithuanian national named Evaldas Rimasauskas pleaded guilty to stealing over $120 million from Google and Facebook using a sophisticated man in the middle attack scheme. He impersonated a legitimate hardware vendor, intercepted invoice communications, and redirected payments to bank accounts he controlled. The scheme ran for two

Carl B. Johnson Jun 02, 2026 5 min read
Man in the Middle Attack

Man in the Middle Attack: How Hackers Steal Data

In January 2024, security researchers at Sekoia documented a massive adversary-in-the-middle campaign that used phishing kits to intercept Microsoft 365 credentials and session tokens in real time — bypassing multi-factor authentication entirely. The attack wasn't theoretical. It hit thousands of organizations across multiple industries. And it reminded every security

Carl B. Johnson Dec 19, 2024 8 min read
Man in the Middle Attack

Man in the Middle Attack: How It Works and How to Stop It

In January 2023, the FBI's Internet Crime Complaint Center (IC3) continued to flag business email compromise — often powered by man in the middle attack techniques — as the costliest cybercrime category, responsible for over $2.7 billion in reported losses in 2022 alone. That number isn't inflated

Carl B. Johnson Jan 24, 2023 7 min read
Man in the Middle Attack

Man in the Middle Attack: How Hackers Steal Data

In January 2021, the FBI warned that cybercriminals were actively exploiting telecommuters by intercepting unencrypted network traffic — a textbook man in the middle attack. The shift to remote work didn't just expand the attack surface. It handed threat actors a golden opportunity to sit between employees and corporate

Carl B. Johnson Sep 03, 2021 7 min read
Man in the Middle Attack

Man in the Middle Attack: How Hackers Steal Data

In 2015, a Belgian company called Crelan Bank lost over €70 million to a sophisticated fraud scheme that began with attackers intercepting email communications between executives. The threat actors positioned themselves between two parties, manipulated invoices, and redirected payments — all without either side realizing the conversation had been compromised. That&

Carl B. Johnson May 08, 2020 7 min read