Topic: mfa bypass

Sort by: Relevance | Date
  • Tycoon 2FA Phishing Platform Exposes Legacy MFA Flaws
    November 19, 2025
    93%

    Tycoon 2FA Phishing Platform Exposes Legacy MFA Flaws

    The Tycoon 2FA phishing kit enables attackers to easily bypass multi-factor authentication by using automated tools and fake login portals, primarily targeting Microsoft 365 and Gmail credentials. It intercepts user credentials and session cookies in real-time while mimicking legitimate login exp...

    Read More »
  • Akira Ransomware Bypasses MFA to Breach SonicWall VPNs
    October 5, 2025
    92%

    Akira Ransomware Bypasses MFA to Breach SonicWall VPNs

    Akira ransomware is bypassing multi-factor authentication on SonicWall SSL VPN devices, likely using stolen OTP seeds to generate valid tokens despite security patches. Attackers exploit the CVE-2024-40766 vulnerability to steal credentials, which they reuse even on patched systems, gaining rapid...

    Read More »
  • The $400M Password Problem: Can You Get a New One?
    September 12, 2025
    90%

    The $400M Password Problem: Can You Get a New One?

    A social engineering attack on Clorox, executed by impersonating employees and manipulating an outsourced service desk, led to an estimated $380 million in damages by exploiting weak password and MFA reset procedures. The breach caused severe operational disruptions, including halted production a...

    Read More »
  • 2025 Phishing Trends: Protect Your Security Strategy Now
    December 16, 2025
    88%

    2025 Phishing Trends: Protect Your Security Strategy Now

    Phishing in 2025 became more sophisticated and identity-focused, with attacks increasingly occurring outside of email through channels like LinkedIn and manipulated search results to bypass traditional security filters. The rise of Phishing-as-a-Service kits enables real-time attacks that can byp...

    Read More »
  • Akira Ransomware: 4 Hours from VPN Login to Total Encryption
    September 30, 2025
    88%

    Akira Ransomware: 4 Hours from VPN Login to Total Encryption

    Akira ransomware attacks can achieve full network encryption in as little as four hours after initial VPN access, leaving organizations with a very narrow window for detection and response. Attackers exploit stolen SonicWall VPN credentials and bypass multi-factor authentication to systematically...

    Read More »
  • SonicWall VPN Attacks Intensify, MFA Bypassed
    September 30, 2025
    87%

    SonicWall VPN Attacks Intensify, MFA Bypassed

    A ransomware group named Akira is exploiting SonicWall SSL VPN appliances, primarily through a known vulnerability (CVE-2024-40766), to bypass multi-factor authentication and gain unauthorized access. The attacks are highly automated and rapid, with intruders moving quickly to scan networks and d...

    Read More »
  • Okta SSO accounts targeted in vishing data theft attacks
    January 24, 2026
    85%

    Okta SSO accounts targeted in vishing data theft attacks

    A new wave of sophisticated phishing attacks uses real-time voice calls and adversary-in-the-middle platforms to steal employee Okta credentials and bypass multi-factor authentication (MFA) by manipulating victims during live conversations. Attackers conduct detailed reconnaissance, spoof interna...

    Read More »
  • Microsoft Warns of "Payroll Pirate" Scam Targeting Employee Paychecks
    October 13, 2025
    85%

    Microsoft Warns of "Payroll Pirate" Scam Targeting Employee Paychecks

    A phishing campaign called "Payroll Pirate" targets corporate HR accounts to redirect employee paychecks into criminal-controlled bank accounts by manipulating platforms like Workday. Attackers use adversary-in-the-middle techniques to intercept login credentials and multi-factor authentication c...

    Read More »
  • New Salty2FA Phishing Kit Raises Sophistication Alarm
    September 11, 2025
    85%

    New Salty2FA Phishing Kit Raises Sophistication Alarm

    The Salty2FA phishing kit uses advanced tactics like session-based subdomain rotation, legitimate platform abuse, and precise corporate branding to create highly convincing fraudulent login pages. It incorporates Cloudflare’s Turnstile and obfuscated JavaScript to evade automated analysis and com...

    Read More »
  • 6 Browser Threats Your Security Team Must Prepare for in 2025
    September 6, 2025
    82%

    6 Browser Threats Your Security Team Must Prepare for in 2025

    The browser is now a primary attack surface for cyber threats, targeting cloud applications and corporate data through sophisticated campaigns. Key browser-based threats include phishing for credentials and sessions, malicious code delivery, and malicious OAuth integrations, which bypass traditio...

    Read More »
  • ScreenConnect Admins Alerted to Spoofed Login Attacks
    August 27, 2025
    78%

    ScreenConnect Admins Alerted to Spoofed Login Attacks

    ScreenConnect administrators are targeted by a phishing campaign using fake security alerts to steal login credentials and bypass multi-factor authentication, aiming to compromise Super Admin accounts. Attackers employ the EvilGinx framework to create convincing phishing portals that capture sess...

    Read More »
  • CitrixBleed 2 Vulnerability Actively Exploited
    June 28, 2025
    75%

    CitrixBleed 2 Vulnerability Actively Exploited

    A critical vulnerability in Citrix NetScaler systems (CVE-2025-5777, CVSS 9.3), dubbed CitrixBleed 2, allows attackers to bypass authentication and compromise user sessions, similar to the 2023 CitrixBleed exploit. Attackers are actively exploiting the flaw, using tactics like MFA bypass, session...

    Read More »

Related Topics

lateral movement (4) session hijacking (3) social engineering (3) credential theft (3) security recommendations (3) detection evasion (3) ransomware attacks (2) cloud security (2)