This week, we encountered a new phishing campaign utilizing the Tycoon 2FA Phishing-as-a-Service (PhaaS) to bypass multifactor authentication (MFA).

The RDGA domains have Russian TLDs but are hosted on CloudFlare infrastructure. We have been seeing them use shared infrastructure for a few months now, definitely trying to make detection more challenging. They continue to obfuscate every piece of code but have updated their verification page. Previously, we always saw their custom Cloudflare Turnstile page, but now they also use a new captcha challenge, as shown below.(You can also check it here https://urlscan.io/result/0195ed8b-7a48-7348-a814-0a058571b51e/ )

Their old Cloudflare Turnstile page seems to still be their favorite, even though they now change their message more frequently: "Checking response before request" or "Tracking security across platform" are some of the new messages they use.

Here is a sample of the hundreds of domains we are detecting:
womivor[.]ru
nthecatepi[.]ru
toimlqdo[.]ru
dantherevin[.]ru
xptdieemy[.]ru

#dns #domains #phishing #AitM #PhaaS #tycoon #scam #cybercrime #threatintelligence #cybersecurity #infoblox #infobloxthreatintel #infosec #2MFABypass

@ErikvanStraten@infosec.exchange

Dankjewel voor deze verhelderende uitleg. Ik heb er niet bij stilgestaan dat door Cloudflare grote blokken van het internet letterlijk kunnen worden uitgeschakeld, door simpelweg een script te draaien

#Risico #Economie #Cloudflare #Fastly #CDN #AitM #MitM #FISASection702 #FISA #ThreeLetterAgencies #Trump #Sbowden #E2EE #InfoSec #VVD #PVV #CIDI #VT #VirusTotal #DVCerts #DV #OV #EV #QWAC #CyberCrime #NepWebsites #FakeWebsites

Wenn die Phishing-Attacke zuschlägt… 🎣

Insbesondere mit den neuen AitM-Attacken, welche die Multi-Faktor-Authentifizierung umgehen können, ist das Phishing wieder in aller Munde ⚠️

Was hinter diesen neuartigen Angriffen steckt und wie Ihr Euch dagegen schützen könnt, erfahrt Ihr auf unserem Blog ➡️ https://sohub.io/158j

#audiusgroup #erfolgdurchzuhoeren #meme #phishing #aitm #cybersecurity

Microsoft 365: Prävention und Reaktion bei AiTM Phishing-Attacken 🛡

Weitere Informationen: https://sohub.io/pw32

#audiusgroup #erfolgdurchzuhoeren #aitm #microsoft365 #cybersicherheit

And as the final presenter before lunch on day 3, @Jacob is now on stage talking about protecting against #AiTM attacks at scale with #canarytokens - at @hack_lu !!

#hacklu2024

Up soon:
"From 0 to millions: Protecting against AitM phishing at scale"

• Jacob Torrey @Jacob

@hack_lu #hacklu2024 #canaries #Thinkst #HoneyEverything #TTPs #AiTM #Deception #DetectionEngineering

Passkey implementations by Google, Amazon, Microsoft vulnerable to AitM attacks, research

Attackers can proxy login pages, removing mention of passkeys and prompting users to resort to passwords, finds eSentire.

https://www.computing.co.uk/news/4331630/passkey-implementations-google-amazon-microsoft-vulnerable-aitm-attacks-research

#technews #aitm #mitm #passkey #yubikey #esentire #infosec #cybersecurity

"Adversary In The Middle" feels like an unnecessary and clunky change. Let's at least keep the alliteration if we're gonna change it, guys. "Man in the middle," that shit rolls off the tongue.

"Threat in the middle"?
"Manipulator in the middle"?
"Enemy in the in-between"?

We can do better.

#infosec
#mitm
#aitm
#hacking
#security

Hackers are using this new phishing technique to steal Gmail and Microsoft 365 accounts.

#Tycoon 2FA - Adversary-in-the-Middle (#AiTM) and Phishing-as-a-Service (#PhaaS)
A sophisticated new phishing-as-a-service platform called “Tycoon 2FA” is gaining popularity among cybercriminals due to its ability to bypass multi-factor authentication and steal login credentials for Microsoft 365 and Gmail accounts.

Ongoing End-User Security awareness training is paramount in educating and arming your tea

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

Kicking off The Finished Product with a threat report on Evilginx, an open source AiTM phishing tool in active use #CTI #phishing #AiTM https://sourcesmethods.com/evilginx-phishing-proxy/

Unlock the power of self-actualization and elevate your frequency. Tune in for #LivingSugarFree insights. Dive into a transformative exploration of personal growth and conscious living w/ #AITM #HumpdayShift #DIYHeadExtraction 🌟

Empowerment 💪
#SpiritualGrowth ✨
#ThoughtLeadership 📚
#SelfActualization 🚀
#Sustainability 🌱
#Mindfulness 🧘♂️
#LifeLessons 📖
#Enlightenment 🔆
#Resilience 🎵
#SpiritualAdvisor 🌌
#WisdomTopMentor 🦉
#ElevateConsciousness 🌍

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

🎶🎵 Kickstart your week with inspiring music & empowerment on The #LivingSugarFree Lifestyle Show w/ #AITM! 🎵🎶 A dose of motivation, #AspieSecrets, and wisdom. 💪💡 Don't miss this exciting podcast episode! 🎙️🔥 ✨ #MotivationMatters #WisdomApp #PodcastLovers #LiveRecording #JoinTheDiscussion

Grand Rising #AITM - AI Besties #TurnUp #Tech 🧘🏾‍♀️🐆🐉💨
https://wisdom.app/tl/vyA2