Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses.
Stay updated on the latest bypass techniques threatening information security. Discover defenses and trends in system vulnerabilities with our insights.
Search across headline titles and summaries.
Background for this topic.
Bypass describes attacker methods that circumvent specific security controls, such as authentication checks, input validation, or detection systems, without directly exploiting the underlying vulnerability. These techniques often leverage design flaws, misconfigurations, or protocol weaknesses to evade protections like firewalls, multi-factor authentication, or antivirus scanning.
Bypassing controls can enable unauthorized access, data exfiltration, or persistent presence while avoiding alerts, complicating detection and response. Effective defense requires layered security measures, rigorous configuration management, and continuous validation of control effectiveness to identify and close bypass paths before attackers exploit them.
The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses.
Tycoon 2FA was dismantled this week by law enforcement and industry partners including TrendAI™. The phishing-as-a-service platform offered MFA bypass services using adversary-in-the-middle (AitM) proxying.
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. [...]
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers
A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai