Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners one of the world's most prolific phishing-as-a-service platforms has been dismantled.

The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multi-factor authentication defenses.

Coinbase’s Global Intelligence team said it traced cryptocurrency payments used to fund Tycoon’s operations. Phishing-as-a-service platforms often operate like illicit software businesses, with ...

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...

An international law enforcement operation coordinated by Europol has disrupted Tycoon2FA, a major phishing-as-a-service ...

Tycoon 2FA is no more thanks to a major law enforcement operation.

Microsoft uncovers OAuth phishing campaigns that abuse login redirects to deliver malware and steal credentials.

The infrastructure hosting the Tycoon2FA service, which Europol said was among the largest phishing operations worldwide, has been taken down by a coalition of IT companies and law enforcement ...

Coinbase, Microsoft, and Europol shut down Tycoon 2FA, a phishing platform that bypassed multi-factor authentication and ...

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...