kyjonin

A lot of work and effort has been put into deceptive technology, I don't really see it discussed much outside of honeypots (esp with the AI emulated environments etc.) and jars being flooded with the joy of the web. (This of course, being the nature of it, if everyone knows it is there, it is no longer deception ), but despite this, from an educational perspective, I've found aggregating a long list of information into actionable insights valuable to others, so here we are :) To ensure this isn't click-bait for a holy grail solution for Credential and/or  Session Token theft detection, I am highlighting the fact that attackers in some instances clone login pages (to your login portals especially) to make phishing and other social engineering attacks appear more legitimate. A Canary what? "Canarytokens are like motion sensors for your networks, computers and clouds. You can put them in folders, on network devices and on your phones. Place them where nobody should be pok...