AT related malicious URL (review-and-sign-esign-document-pdf.pages.dev/?error=login_required&error_description=AADSTS50058:+A+silent+sign-in+request+was+sent+but+no+user+is+signed+in.+The+cookies+used+to+represent+the+user's+session+were+not+sent+in+the+request+to+Azure+AD.+This+can+happen+if+the+user+is+using+Internet+Explorer+or+Edge)
Sourcejulioliraup/antiphishing
Fileantiphishing.rules
CreatedJune 16, 2026
UpdatedJune 25, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (review-and-sign-esign-document-pdf.pages.dev/?error=login_required&error_description=AADSTS50058:+A+silent+sign-in+request+was+sent+but+no+user+is+signed+in.+The+cookies+used+to+represent+the+user's+session+were+not+sent+in+the+request+to+Azure+AD.+This+can+happen+if+the+user+is+using+Internet+Explorer+or+Edge)" ; flow:established,to_server ; http.uri; content:"/?error=login_required&error_description=AADSTS50058:+A+silent+sign-in+request+was+sent+but+no+user+is+signed+in.+The+cookies+used+to+represent+the+user's+session+were+not+sent+in+the+request+to+Azure+AD.+This+can+happen+if+the+user+is+using+Internet+Explorer+or+Edge" ; startswith; fast_pattern; http.host; content:"review-and-sign-esign-document-pdf.pages.dev"; endswith; reference:url,openphish.com ; reference:url,julioliraup.github.io/AT/signature.html?sid=6013446 ; classtype:social-engineering; sid:6013446; rev:1; metadata:signature_severity Major, created_et 2026_06_15, updated_et 2026_06_25;)
References
Metadata
signature severityMajor
created et2026_06_15
updated et2026_06_25
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!