Advertisement
FBI Warns of Kali365 PhaaS Targeting Microsoft 365 Accounts
The FBI issues an advisory on Kali365, a Phishing-as-a-Service platform exploiting OAuth device code flows to bypass MFA and hijack Microsoft 365 accounts.
Tycoon 2FA Market Shift: Fragmentation and the Rise of Dadsec
Analysis of Tycoon 2FA's declining market share as threat actors reuse its technical artifacts in Dadsec and other phishing-as-a-service platforms.
Detecting Credential-Based Attacks: Moving Beyond Signatures
Identity-based attacks leverage valid credentials to mimic legitimate activity, requiring a shift toward behavioral detection and identity-centric monitoring.
Identity-Based Attacks: Why Breach Monitoring Fails to Stop Infostealers
Infostealers are bypassing MFA by harvesting session cookies. Learn why traditional breach monitoring is insufficient and how to secure identity perimeters.
Beyond MFA: Bridging the Zero Trust Gap in Session Security
Authentication alone does not equate to trust. Discover how session token hijacking bypasses MFA and why device health is critical for Zero Trust.
2025 Identity Threat Report: Analyzing the Infostealer Economy
Recorded Future's 2025 Identity Threat Landscape Report examines how infostealer malware and session cookie theft drive the modern credential threat economy.