Tag: 2fa
-
Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform
Authorities disrupted the Tycoon 2FA phishing-as-a-service platform used to send millions of phishing emails to over 500,000 orgs worldwide. The joint effort, led by Microsoft, Europol, and industry partners, aimed to target the infrastructure of Tycoon 2FA phishing-as-a-service platform responsible for tens of millions of fraudulent emails reaching over 500,000 organizations each month worldwide. By…
-
Inside Tycoon 2FA: Disrupting a Global Phishing Operation
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/inside-tycoon-2fa-disrupting-a-global-phishing-operation
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
Tycoon 2FA abgeschaltet: Schlag gegen weltweites AiTM-Phishing
Eine internationale Kooperation aus Sicherheitsfirmen und Behörden hat die Infrastruktur von Tycoon 2FA, einer der meistgenutzten Phishing-as-a-Service-Plattformen, erfolgreich zerstört. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/tycoon-2fa-abgeschaltet
-
Breach Roundup: Patches and Hacks on Cisco Equipment
Also: Trojanized RedAlert App, Tycoon 2FA Takedown, CyberStrikeAI Attacks. This week, Cisco patches and hacks. Trojanized app targeted Israelis. Bye-bye, Tycoon 2FA. Also bye-bye LeakBase. A LexisNexis breach. Woman sentenced for trafficking Microsoft licenses. Silver Dragon targeted governments. Broadcom patch. A Mississippi medical clinic resumed operations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-patches-hacks-on-cisco-equipment-a-30927
-
Breach Roundup: Patches and Hacks on Cisco Equipment
Also: Trojanized RedAlert App, Tycoon 2FA Takedown, CyberStrikeAI Attacks. This week, Cisco patches and hacks. Trojanized app targeted Israelis. Bye-bye, Tycoon 2FA. Also bye-bye LeakBase. A LexisNexis breach. Woman sentenced for trafficking Microsoft licenses. Silver Dragon targeted governments. Broadcom patch. A Mississippi medical clinic resumed operations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-patches-hacks-on-cisco-equipment-a-30927
-
Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/tycoon-2fa-europol-vendors-bust-phishing-platform
-
Microsoft, Europol disrupt global phishing platform Tycoon 2FA
The service helped cybercriminals bypass multifactor authentication and led to business email compromise and ransomware. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-europol-disrupt-phishing-tycoon-2fa/813904/
-
Authorities Shut Down Tycoon 2FA Phishing Platform Used to Bypass MFA
Europol and partners dismantle Tycoon 2FA phishing service used to bypass MFA, disrupting a global phishing-as-a-service operation targeting organisations. First seen on hackread.com Jump to article: hackread.com/tycoon-2fa-phishing-platform-shut-down-bypass-mfa/
-
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/tycoon-2fa-phishing-platform-takedown-europol/
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Europol-Led Operation Takes Down Tycoon 2FA Phishing-asService Linked to 64,000 Attacks
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies.The subscription-based phishing kit, which first emerged in August 2023, was described by Europol as one of the largest phishing First seen on…
-
Tycoon 2FA Phishing Operation Dismantled in Joint Raid by Microsoft and Europol
Microsoft, Europol, and industry partners have successfully dismantled the Tycoon 2FA Phishing-as-a-Service (PhaaS) platform. Operating since August 2023, this immense adversary-in-the-middle (AiTM) operation allowed cybercriminals to bypass multi-factor authentication (MFA) and infiltrate over 96,000 distinct victims globally. This coordinated disruption marks a significant blow to the cybercriminal impersonation economy. Anatomy of the Tycoon 2FA Threat…
-
Global coalition dismantles Tycoon 2FA phishing kit
Microsoft, which led the effort, said it seized 330 domains that powered the phishing platform’s core infrastructure. The alleged creator was also named in a civil complaint. First seen on cyberscoop.com Jump to article: cyberscoop.com/tycoon-2fa-phishing-kit-takedown-microsoft/
-
Inside Attacker’s Defensive Funnel: How Sneaky 2FA Cloaks Itself from Security Scanners Blog – Menlo Security
Learn how Menlo Security identified a massive Sneaky 2FA phishing campaign using 3.4K domains to bypass Microsoft 365 MFA and steal session cookies. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/inside-attackers-defensive-funnel-how-sneaky-2fa-cloaks-itself-from-security-scanners-blog-menlo-security/
-
Poorly crafted phishing campaign leverages bogus security incident report
Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phishing campaign using a fake PDF security incident report hosted on AWS to scare victims into enabling 2FA. The researchers pointed out that the campaign appears poorly…
-
Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft
A malicious Google Chrome extension, CL Suite by @CLMasters, which masquerades as a productivity tool for Meta Business Suite while silently stealing sensitive authentication data. Although the extension markets itself as a solution to >>remove verification popups<>generate 2FA codes,<< its actual function is to exfiltrate Two-Factor Authentication (2FA) seeds, one-time codes, and detailed business […] The…
-
Meta Business Admins Exposed by 2FA-Harvesting Chrome Extension
A fake Meta Business Chrome extension stole 2FA secrets to hijack accounts. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/meta-business-admins-exposed-by-2fa-harvesting-chrome-extension/
-
Meta Business Admins Exposed by 2FA-Harvesting Chrome Extension
A fake Meta Business Chrome extension stole 2FA secrets to hijack accounts. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/meta-business-admins-exposed-by-2fa-harvesting-chrome-extension/
-
Product showcase: 2FAS Auth Free, open-source 2FA for iOS
Online accounts usually rely on a password, but passwords alone can be weak if they’re reused, easily guessed, or stolen. Two-factor authentication (2FA) adds a second layer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/product-showcase-2fas-auth-free-open-source-2fa-ios/
-
Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities
Tags: 2fa, business, dos, flaw, gitlab, infrastructure, programming, rce, remote-code-execution, software, update, vulnerabilityBoth platforms serve as backbone infrastructure for remote work and software development, making these flaws particularly dangerous for business continuity. The post Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-zoom-gitlab-security-flaws-patched/
-
Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws
Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution.The most severe of the lot is a critical security flaw impacting Zoom Node Multimedia Routers (MMRs) that could permit a meeting participant to conduct remote code execution attacks. The vulnerability, tracked…
-
GitLab warns of high-severity 2FA bypass, denial-of-service flaws
GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its software development platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gitlab-warns-of-high-severity-2fa-bypass-denial-of-service-flaws/
-
Phishing-Angreifer setzen vermehrt auf E-Mail-Routing-Lücken
Tags: 2fa, authentication, business, cyberattack, dmarc, dns, email, framework, infrastructure, intelligence, mail, mfa, microsoft, password, phishing, risk, service, spam, threatAngreifer missbrauchen falsch konfigurierte Richtlinien, um Phishing-E-Mails wie interne E-Mails aussehen zu lassen, Filter zu umgehen und Anmeldedaten zu stehlen.Das Threat Intelligence Team von Microsoft hat kürzlich festgestellt, dass Angreifer zunehmend komplexe E-Mail-Weiterleitungen und falsch konfigurierte Domain-Spoofing-Schutzmaßnahmen ausnutzen. Dabei lassen sie ihre Phishing-Nachrichten so aussehen, als würden sie von den angegriffenen Organisationen selbst stammen.In den…
-
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent internally.”Threat actors have leveraged this vector to deliver a wide variety of phishing messages related to various phishing-as-a-service (PhaaS) platforms such as Tycoon 2FA,” the First…
-
WordPress Admins Targeted by Renewal Email Phishing Scam
A phishing campaign targeting WordPress admins uses fake renewal emails to steal credit card data and 2FA codes in real time. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/wordpress-admins-targeted-by-renewal-email-phishing-scam/
-
Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass
Tags: 2fa, attack, authentication, data-breach, exploit, firewall, fortinet, Internet, mfa, vulnerabilityOver 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor authentication (2FA) bypass vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-10-000-fortinet-firewalls-exposed-to-ongoing-2fa-bypass-attacks/