all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA

Add to bookmarks
May 13, 2024, 2:10 p.m. | Eswar

GBHackers On Security gbhackers.com

Tycoon 2FA, a recently emerged Phishing-as-a-Service (PhaaS) platform, targets Microsoft 365 and Gmail accounts, which leverage an Adversary-in-the-Middle (AitM) technique to steal user session cookies, bypassing multi-factor authentication (MFA) protections.  By acting as an intermediary between the user and the legitimate login page, Tycoon 2FA captures cookies that grant attackers unauthorized access to compromised accounts […]


The post Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA appeared first on GBHackers on Security | #1 Globally Trusted Cyber …

2fa accounts adversary adversary-in-the-middle aitm as-a-service authentication bypass bypassing cookies cyber security factor gmail google grant login malware mfa microsoft microsoft 365 multi-factor multi-factor authentication page phaas phishing phishing-as-a-service platform service session session cookies steal tycoon tycoon 2fa

Visit resource

More from gbhackers.com / GBHackers On Security

Sticky Werewolf Weaponizing LNK Files Group Attacking To Attack Organizations 1 day, 5 hours ago | gbhackers.com
act archive attachments attack +30
GoldPickaxe iOS Malware Harvests Facial Recognition Data & Bank Accounts 1 day, 5 hours ago | gbhackers.com
accounts android android malware app +25
Muhstik Malware Attacking Apache RocketMQ To Execute Remote Code 2 days, 7 hours ago | gbhackers.com
access apache apache rocketmq aqua +31
Hacktivist Groups Attacking Industrial Control Systems To Disrupt Services 2 days, 7 hours ago | gbhackers.com
attacks can control control systems +33
North Korean Kimsuky Attacking Arms Manufacturer In Europe 2 days, 7 hours ago | gbhackers.com
arms attack attack vector campaign +19
SPECTR Malware Attacking Defense Forces of Ukraine With a batch script 2 days, 9 hours ago | gbhackers.com
batch campaign center cert +22
300+ Times Downloaded Package from PyPI Contains Wiper Components 2 days, 12 hours ago | gbhackers.com
components cyber security cyber-security-course downloader +16
Tenable Acquires Eureka Security To Provide Data Security Across Infrastructure 2 days, 13 hours ago | gbhackers.com
acquisition agreement bolster capabilities +23
Microsoft Details On Using KQL To Hunt For MFA Manipulations 2 days, 14 hours ago | gbhackers.com
accounts attributes audit logs authentication +30

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com