May 13, 2024, 2:10 p.m. | Eswar

GBHackers On Security

Tycoon 2FA, a recently emerged Phishing-as-a-Service (PhaaS) platform, targets Microsoft 365 and Gmail accounts, which leverage an Adversary-in-the-Middle (AitM) technique to steal user session cookies, bypassing multi-factor authentication (MFA) protections.  By acting as an intermediary between the user and the legitimate login page, Tycoon 2FA captures cookies that grant attackers unauthorized access to compromised accounts […]

The post Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA appeared first on GBHackers on Security | #1 Globally Trusted Cyber …

2fa accounts adversary adversary-in-the-middle aitm as-a-service authentication bypass bypassing cookies cyber security factor gmail google grant login malware mfa microsoft microsoft 365 multi-factor multi-factor authentication page phaas phishing phishing-as-a-service platform service session session cookies steal tycoon tycoon 2fa

Sr. Product Manager

@ MixMode | Remote, US

Information Security Engineers

@ D. E. Shaw Research | New York City

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Principal Software Engineer - Threat Detection

@ AppOmni | Remote, USA

Senior Security & GRC Lead

@ GoHenry | London, England, United Kingdom