I recently found myself reading about an older man-in-the-middle attack:
WPAD Man In The Middle Attacks
Web Proxy Auto-Discovery Protocol (WPAD)
Used to intercept web traffic by using a non-authorized server as a proxy server. This can lead to various attacks as simple as capturing clear text passwords on an internal network.