New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts
March 25, 2024 at 01:02PM Cybercriminals are increasingly using the ‘Tycoon 2FA’ PhaaS platform to target Microsoft 365 and Gmail accounts, bypassing two-factor authentication. Sekoia’s report details the multi-step attacks and the evolution of the kit, including enhancements to JavaScript and HTML code, with substantial operations involving over 1,800 transactions and numerous cybercriminals utilizing the … Read more