Tag: phishing
-
New Social Security Scam Emails Use Fake Tax Documents to Hijack PCs
A new phishing campaign is targeting thousands in the US by posing as the Social Security Administration. Learn how scammers use fake 2025/2026 tax statements and Datto RMM software to hijack computers and steal data, as shared with Hackread.com First seen on hackread.com Jump to article: hackread.com/social-security-scam-emails-fake-tax-doc-hijack-pc/
-
ClickFix attackers using new tactic to evade detection, says Microsoft
AppData\Local that is then invoked through cmd.exe to write a VBScript to %Temp%. The batch script is executed via cmd.exe with the /launched command-line argument, and is then executed again through MSBuild.exe, resulting in LOLBin abuse. The script connects to Crypto Blockchain RPC endpoints, indicating etherhiding technique, and also performs QueueUserAPC()-based code injection into chrome.exe…
-
Inside Tycoon 2FA: Disrupting a Global Phishing Operation
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/inside-tycoon-2fa-disrupting-a-global-phishing-operation
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
Iran-nexus APT Dust Specter targets Iraq officials with new malware
A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Specter to a campaign targeting Iraqi government officials. Threat actors impersonated the country’s Ministry of Foreign Affairs in phishing messages that delivered previously unseen malware, including SPLITDROP, TWINTASK, TWINTALK,…
-
Tycoon 2FA abgeschaltet: Schlag gegen weltweites AiTM-Phishing
Eine internationale Kooperation aus Sicherheitsfirmen und Behörden hat die Infrastruktur von Tycoon 2FA, einer der meistgenutzten Phishing-as-a-Service-Plattformen, erfolgreich zerstört. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/tycoon-2fa-abgeschaltet
-
Why phishing still works today
Tags: phishingIn this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/06/why-phishing-still-works-today/
-
Analyse von Palo Alto Networks – Hacker erstellen Phishing-Seiten mit LLMs in Echtzeit
First seen on security-insider.de Jump to article: www.security-insider.de/ki-phishing-llm-javascript-im-browser-palo-alto-networks-a-7f2c070feb5687a9b52f9c3c76177df0/
-
Drei Hebel gegen Spear-Phishing
Spear-Phishing zählt heute zu den gefährlichsten Cyberbedrohungen für Unternehmen. Anders als bei klassischem Massen-Phishing zielen Angreifer auf einzelne Personen, häufig Führungskräfte oder Mitarbeitende der Finanzabteilung, und nutzen interne Informationen, um Vertrauen aufzubauen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/drei-hebel-spear-phishing
-
Europa im Visier von Cyber-Identitätsdieben
Deutsche Unternehmen müssen sich warm anziehen: Sowohl staatliche als auch ‘private” Akteure haben es auf sie abgesehen.ShutterstockWie die Experten von Darktrace in ihrem aktuellen Threat Report 2026 darstellen, bleiben Cloud- und E-Mail-Konten das Einfallstor Nummer Eins in Europa. Dem Bericht zufolge begannen im vergangenen Jahr in Europa 58 Prozent der Attacken mit kompromittierten Cloud-Accounts oder…
-
LeakBase marketplace unplugged by cops in 14 countries
Tags: banking, breach, credentials, cybercrime, data, germany, infrastructure, international, Internet, law, marketplace, phishing, service, theftGlobal effort: Thanks to international co-operation, a number of criminal marketplaces have been seized in recent years, including BreachForums and RaidForums.Law enforcement agencies involved in various ways in this week’s takedown came from Australia, Belgium, Canada, Germany, Greece, Kosovo, Malaysia, Netherlands, Poland, Portugal, Romania, Spain, the United Kingdom and the US.News of the seizure comes…
-
The Hidden Cyber Risks of Remote Work Infrastructure
Hidden cyber risks in remote work include insecure home Wi-Fi, phishing attacks, and data exposure, leaving businesses and employees vulnerable to breaches. First seen on hackread.com Jump to article: hackread.com/hidden-cyber-risks-remote-work-infrastructure/
-
Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/tycoon-2fa-europol-vendors-bust-phishing-platform
-
ThreatLocker Unveils Zero Trust Network And Cloud Access: 5 Things To Know
ThreatLocker announced its expansion into offering zero trust network and cloud access tools Thursday, with the aim of delivering a massive protection boost for MSPs against phishing and network exposure threats, ThreatLocker CEO Danny Jenkins tells CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/threatlocker-unveils-zero-trust-network-and-cloud-access-5-things-to-know
-
Microsoft, Europol disrupt global phishing platform Tycoon 2FA
The service helped cybercriminals bypass multifactor authentication and led to business email compromise and ransomware. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-europol-disrupt-phishing-tycoon-2fa/813904/
-
Russian APT targets Ukraine with BadPaw and MeowMeow malware
Researchers uncovered a Russian campaign targeting Ukrainian entities with new malware families BadPaw and MeowMeow delivered through phishing emails. Researchers reported a phishing campaign linked to Russia that targets Ukrainian organizations using two new malware families, BadPaw and MeowMeow. The attack chain begins with a phishing email carrying a link to a ZIP archive. When…
-
Analyse von Palo Alto – Hacker erstellen Phishing-Seiten mit LLMs in Echtzeit
First seen on security-insider.de Jump to article: www.security-insider.de/ki-phishing-llm-javascript-im-browser-palo-alto-networks-a-7f2c070feb5687a9b52f9c3c76177df0/
-
Police dismantle major phishing platform blamed for attacks on hospitals and schools
International law enforcement agencies have dismantled a major phishing-as-a-service platform used to target hundreds of thousands of accounts worldwide, including those tied to hospitals and schools, Europol said Wednesday. First seen on therecord.media Jump to article: therecord.media/police-dismantle-tycoon-2fa-phishing-platform
-
Authorities Shut Down Tycoon 2FA Phishing Platform Used to Bypass MFA
Europol and partners dismantle Tycoon 2FA phishing service used to bypass MFA, disrupting a global phishing-as-a-service operation targeting organisations. First seen on hackread.com Jump to article: hackread.com/tycoon-2fa-phishing-platform-shut-down-bypass-mfa/
-
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow.”The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border…
-
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/tycoon-2fa-phishing-platform-takedown-europol/
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
Europol greift durch: Eine der weltweit größten Phishing-Plattformen zerschlagen
Mit Tycoon 2FA konnten Angreifer per Abo Phishing-Kampagnen starten und etwa Microsoft- und Google-Konten kapern. Doch das ist jetzt vorbei. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-eine-der-weltweit-groessten-phishing-plattformen-zerschlagen-2603-206122.html
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…