all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA

Add to bookmarks
May 13, 2024, 2:10 p.m. | Eswar

GBHackers On Security gbhackers.com

Tycoon 2FA, a recently emerged Phishing-as-a-Service (PhaaS) platform, targets Microsoft 365 and Gmail accounts, which leverage an Adversary-in-the-Middle (AitM) technique to steal user session cookies, bypassing multi-factor authentication (MFA) protections.  By acting as an intermediary between the user and the legitimate login page, Tycoon 2FA captures cookies that grant attackers unauthorized access to compromised accounts […]


The post Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA appeared first on GBHackers on Security | #1 Globally Trusted Cyber …

2fa accounts adversary adversary-in-the-middle aitm as-a-service authentication bypass bypassing cookies cyber security factor gmail google grant login malware mfa microsoft microsoft 365 multi-factor multi-factor authentication page phaas phishing phishing-as-a-service platform service session session cookies steal tycoon tycoon 2fa

Visit resource

More from gbhackers.com / GBHackers On Security

OilRig Hackers Attacking Individuals And Organizations In The Middle East 7 hours ago | gbhackers.com
advanced advanced persistent threat (apt) attacks campaigns +23
Ollama AI Platform Flaw Let Attackers Execute Remote Code 7 hours ago | gbhackers.com
access ai platform ai security algorithms +23
P2Pinfect Redis Server with New Ransomware Payload 7 hours ago | gbhackers.com
article botnet capabilities crypto +15
New North Korean Actor Distributing Malicious npm Packages To Compromise Organizations 8 hours ago | gbhackers.com
actor compromise cve cyber-attack +28
Threat Actor Claims 0Day Sandbox Escape RCE in Chrome Browser 8 hours ago | gbhackers.com
0day account actor attention +20
FireTail Unveils Free Access for All to Cutting-Edge API Security Platform 10 hours ago | gbhackers.com
access api apis api security +25
Microsoft Announced Copilot for Security TI in Defender XDR 12 hours ago | gbhackers.com
access ai-powered availability copilot +23
Critical Vulnerability in MOVEit Transfer Let Hackers Gain Files Access 14 hours ago | gbhackers.com
access authentication can critical +24
Beware Of Shorten URLs With Word Files That Install Remcos RAT 1 day, 6 hours ago | gbhackers.com
access access trojan attackers can +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California
View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Account Executive - Secureworks Direct Sales - US Remote Philadelphia

@ Dell Technologies | Remote - Pennsylvania, United States
View on infosec-jobs.com

SATCOM Technician - Shariki, Japan - Secret Clearance (Onsite)

@ RTX | RVA99: RTN Remote, Virginia
View on infosec-jobs.com

Senior Test Engineer

@ Commonwealth Bank | Bengaluru - Manyata Tech Park Road
View on infosec-jobs.com

Lead Developer - Pipeline & Algorithms

@ Arctic Wolf | Waterloo
View on infosec-jobs.com