Tycoon 2FA: Protect Against Phishing Kits That Bypass MFA
Advanced strategies to defend against Tycoon 2FA phishing kits that bypass MFA to harvest session cookies and exploit user accounts.
Adversary-in-the-Middle (AiTM) is a phishing technique allowing attackers to hijack a user’s sign-in session, intercept the user’s password and session cookie, and then get authenticated to a session on the user’s behalf. Once the attackers have successfully captured the user’s credentials and session cookies, they move to the next phase of the attack by accessing compromised users’ mailboxes to launch BEC campaigns against other targets.
AiTM Phishing Attacks: Keeping Up with Attacker TTPs
Attackers are turning up the heat with advanced TTPs like Adversary-in-the-Middle (AiTM) phishing attacks to steal session cookies and bypass MFA security.