Advertisement
Kali365 Phishing-as-a-Service Expands to Target AWS and Okta
The FBI-flagged Kali365 phishing kit now targets AWS and Okta via device code phishing, bypassing multi-factor authentication for cloud enterprise accounts.
Chinese-Language PhaaS: Real-Time OTP Interception and Tokenization
Chinese-language PhaaS providers like Darcula are shifting to real-time OTP interception and digital wallet tokenization to bypass modern MFA controls.
OAuth 2.0 Device Code Phishing Surge: Protecting M365 and Google
Device code phishing attacks have surged 37x this year. Learn how adversaries abuse the OAuth 2.0 Device Authorization Grant to bypass MFA and hijack accounts.
Tycoon 2FA PaaS Recovery: Detecting AitM Phishing Infrastructure
Tycoon 2FA Phishing-as-a-Service has recovered from law enforcement disruption. Learn how this AitM platform bypasses MFA and how to protect your organization.
Tycoon 2FA PhaaS Infrastructure Dismantled in Europol-Led Operation
Europol and global law enforcement dismantle Tycoon 2FA, a Phishing-as-a-Service kit used in 64,000 attacks to bypass MFA via AitM techniques.
Tycoon 2FA PhaaS Platform Dismantled in Global Law Enforcement Takedown
International law enforcement dismantled Tycoon 2FA, a Phishing-as-a-Service platform used to bypass MFA and target 500,000 organizations monthly.