#multi-factor-authentication — Public Fediverse posts

Device Code Phishing is an Evolution in Identity Takeover

Device code phishing attacks have exploded across the threat landscape, with new toolkits emerging weekly. This surge coincides with publicly released criminal toolkits and multiple phishing-as-a-service offerings like EvilTokens and Tycoon. Threat actors abuse the OAuth 2.0 device authorization grant flow to compromise Microsoft 365 and other enterprise accounts by tricking users into authorizing malicious applications. Current implementations use on-demand code generation, addressing the 15-minute expiration limitation of previous techniques. Most activity appears to be generated using AI-based coding techniques. Successful attacks lead to full account takeover, data theft, business email compromise, and potential ransomware deployment. The technique represents the natural evolution of credential phishing as organizations improve their defenses against traditional multifactor authentication bypass methods.

Pulse ID: 6a05af080ae591ea2bf00e87
Pulse Link: https://otx.alienvault.com/pulse/6a05af080ae591ea2bf00e87
Pulse Author: AlienVault
Created: 2026-05-14 11:16:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #DataTheft #Email #InfoSec #Microsoft #MultiFactorAuthentication #OTX #OpenThreatExchange #Phishing #RAT #RansomWare #bot #AlienVault

Breaking the code: Multi-stage 'code of conduct' phishing campaign leads to AiTM token compromise

A sophisticated large-scale credential theft campaign targeted over 35,000 users across 13,000 organizations, primarily in the United States, between April 14-16, 2026. Attackers distributed fully authenticated emails from legitimate services using code of conduct-themed lures with polished HTML templates. The multi-stage attack chain included PDF attachments with embedded links, multiple CAPTCHA challenges, and intermediate staging pages designed to appear legitimate while filtering automated defenses. Recipients were directed through several layers ultimately leading to an adversary-in-the-middle phishing flow that proxied authentication sessions and captured tokens, bypassing non-phishing-resistant multifactor authentication. The campaign broadly impacted Healthcare, Financial services, Professional services, and Technology industries, using social engineering techniques that created urgency through time-bound prompts and concerning accusations.

Pulse ID: 69f8f1230f0bda494499b941
Pulse Link: https://otx.alienvault.com/pulse/69f8f1230f0bda494499b941
Pulse Author: AlienVault
Created: 2026-05-04 19:18:59

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AdversaryInTheMiddle #AitM #CAPTCHA #CyberSecurity #Email #HTML #Healthcare #InfoSec #MultiFactorAuthentication #OTX #OpenThreatExchange #PDF #Phishing #SocialEngineering #UnitedStates #bot #AlienVault

Infostealers and Lack of MFA Led to Dozens of Major Breaches https://thecyberexpress.com/infostealers-and-lack-of-mfa-led-to-breaches/ #MultifactorAuthentication #TheCyberExpressNews #TheCyberExpress #DataBreachNews #FirewallDaily #cybersecurity #CyberThreats #cyberattacks #infostealer #databreach #CyberNews #malware #2FA #mfa

Hybrid 2FA phishing kits are making attacks harder to detect https://www.csoonline.com/article/4100393/hybrid-2fa-phishing-kits-are-making-attacks-harder-to-detect.html #IdentityandAccessManagement #MultifactorAuthentication #SocialEngineering #Authentication #AccessControl #Cybercrime #Phishing #Security

Account Takeover Scams Surge as FBI Reports Over $262 Million in Losses https://thecyberexpress.com/account-takeover-fraud-sees-sharp-spike/ #InternetCrimeComplaintCenter(IC3) #phishingdomainsandwebsites #AccountTakeover(ATO)fraud #MultifactorAuthentication #TheCyberExpressNews #socialengineering #phishingwebsites #AccountTakeover #BlackFridaySale #TheCyberExpress #FirewallDaily #SEOpoisoning #Governance #CyberNews #ATOFraud #FBI

Ever wonder how one forgotten weak password can open the door for hackers? Discover why long, memorable passphrases and smart management are more crucial than ever in keeping your data safe.

https://thedefendopsdiaries.com/why-password-controls-still-matter-in-cybersecurity/

#passwordsecurity
#cybersecurity
#multifactorauthentication
#passwordmanagement
#databreachprevention

Cybercriminals are eyeing Microsoft Exchange Servers like never before. CISA and NSA just laid out a fresh playbook—from tougher logins to bulletproof encryption. Ready to see if your defenses stack up?

https://thedefendopsdiaries.com/securing-microsoft-exchange-servers-key-guidance-from-cisa-and-nsa/

#microsoftexchange
#cybersecurity
#cisa
#nsa
#multifactorauthentication
#networkencryption
#accesscontrol
#patchmanagement
#phishingprotection

Why “Secure Login” Isn’t Enough to Protect Your Mobile App Anymore https://thecyberexpress.com/why-mobile-app-security-cant-stop-at-login/ #RuntimeApplicationSelfProtection #MultifactorAuthentication #mobilefraudprevention #appruntimesecurity #mobileappsecurity #OnetimePasswords #deviceintegrity #Vulnerabilities #APISecurity #CyberNews #mobileapp #fintech #BFSI #OTPs

SonicWall’s VPN breach shows how stolen credentials can blow open account security in just days. Is your organization ready to fend off smarter, faster cyberattacks?

https://thedefendopsdiaries.com/sonicwall-vpn-breach-highlights-growing-threat-of-credential-based-attacks/

#sonicwall
#vpnsecurity
#credentialtheft
#cyberattack
#multifactorauthentication

Microsoft warns of new “Payroll Pirate” scam stealing employees’ direct deposits - Microsoft is warning of an active scam that diverts employee... - https://arstechnica.com/security/2025/10/payroll-pirate-phishing-scam-that-takes-over-workday-accounts-steals-paychecks/ #multifactorauthentication #security #phishing #biz⁢ #mfa

‘Payroll Pirate’ Attacks Target U.S. Universities, Diverting Employee Salaries https://thecyberexpress.com/payroll-pirate-attacks-target-u-s-universities/ #BusinessEmailCompromiseTrend #MicrosoftThreatIntelligence #multifactorauthentication #TheCyberExpressNews #phishingcampaigns #TheCyberExpress #WorkdayAccounts #phishingemails #FirewallDaily #payrollpirate #CyberNews #Microsoft

The Power of Two: Why MFA Matters More Than Ever https://thecyberexpress.com/why-mfa-matters-more-than-ever/ #CybersecurityAwarenessMonth2025 #CybersecurityAwarenessMonth #multifactorauthentication #twofactorauthentication #TheCyberExpressNews #twostepverification #TheCyberExpress #FirewallDaily #Features #CISA #mfa

Imagine trusting a nursery's digital platform and finding out over 1,000 kids' sensitive data was stolen—and hackers even made threats. What went wrong, and what can every organization learn from this cyber breach?

https://thedefendopsdiaries.com/cybersecurity-lessons-from-the-london-nursery-breach/

#cybersecurity
#databreach
#incidentresponse
#dataprotection
#multifactorauthentication

DraftKings just faced a breach—not from some sci-fi hack but through the all-too-common tactic of credential stuffing. Reusing passwords made it easy for attackers. How secure are your accounts? Dive in to learn the warning signs and how to protect yourself.

https://thedefendopsdiaries.com/credential-stuffing-lessons-from-the-draftkings-breach/

#credentialstuffing
#databreach
#passwordsecurity
#multifactorauthentication
#cybersecuritytips

l+f: Nie mehr arbeiten dank #Cybercrime | heise online https://www.heise.de/news/l-f-Nie-mehr-arbeiten-dank-Cybercrime-10679732.html #MFABombing #MFA #MFAFatigue #MultiFaktorAuthentifizierung #MultiFactorAuthentification #MultiFactorAuthentication #Ransomware #Malware

Your Easiest Fix: The 3 Golden Rules for a Password that AI Can’t Crack https://thecyberexpress.com/cybersecurity-awareness-month-2025/ #CybersecurityAwarenessMonth2025 #CybersecurityAwarenessMonth #MultifactorAuthentication #cybersafeculture #PasswordManagers #TheCyberExpress #FirewallDaily #cybersecurity #BadPasswords #passwords #Features #CISA

Neues Phishing-Framework umgeht Multi-Faktor-Authentifizierung – Source: www.csoonline.com https://ciso2ciso.com/neues-phishing-framework-umgeht-multi-faktor-authentifizierung-source-www-csoonline-com/ #multifactorauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #CSOonline #CSOOnline #Phishing #Security

Neues Phishing-Framework umgeht Multi-Faktor-Authentifizierung https://www.csoonline.com/article/4054869/neues-phishing-framework-umgeht-multi-faktor-authentifizierung.html #MultifactorAuthentication #Phishing #Security

Phishing kit Salty2FA washes away confidence in MFA – Source: www.csoonline.com https://ciso2ciso.com/phishing-kit-salty2fa-washes-away-confidence-in-mfa-source-www-csoonline-com/ #multifactorauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #CSOonline #CSOOnline #Phishing #Security

Phishing kit Salty2FA washes away confidence in MFA https://www.csoonline.com/article/4053744/phishing-kit-salty2fa-washes-away-confidence-in-mfa.html #MultifactorAuthentication #Phishing #Security

What to Do After a Data Breach: A Practical Guide for Protecting Your Identity
https://youtu.be/wGfpr7J3TgU #CyberSecurity #DataBreach #IdentityProtection #MultiFactorAuthentication #PasswordSecurity #CreditFreeze #DigitalSecurity #RiskManagement #DataProtection #IdentityTheft

#Multifactorauthentication isn't safe anymore

New #Phishing Kit Bypasses MFA to Steal Microsoft 365 Credentials

#cybersecurity #scam #hacking
https://blog.knowbe4.com/new-phishing-kit-bypasses-mfa-to-steal-microsoft-365-credentials

A passkey is supposed to replace a password. It's not supposed to be an additional factor.

#Passkeys #MultiFactorAuthentication

Microsoft Entra Private Access brings conditional access to on-prem Active Directory – Source: www.csoonline.com https://ciso2ciso.com/microsoft-entra-private-access-brings-conditional-access-to-on-prem-active-directory-source-www-csoonline-com/ #IdentityandAccessManagement #multifactorauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #ActiveDirectory #Windowssecurity #authentication #CSOonline #CSOOnline

Microsoft Entra Private Access brings conditional access to on-prem Active Directory https://www.csoonline.com/article/4041752/microsoft-entra-private-access-brings-conditional-access-to-on-prem-active-directory.html #IdentityandAccessManagement #MultifactorAuthentication #ActiveDirectory #WindowsSecurity #Authentication

Reveal Security Unveils Preemptive Approach to Securing Applications and Cloud Services – Source: securityboulevard.com https://ciso2ciso.com/reveal-security-unveils-preemptive-approach-to-securing-applications-and-cloud-services-source-securityboulevard-com/ #AIandMachineLearninginSecurity #SecurityBoulevard(Original) #multifactorauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityBoulevard #SocialFacebook #SocialLinkedIn #Cybersecurity #Spotlight #FEATURED #SocialX #AppSec #AI

Windows tips for reducing the ransomware threat – Source: www.csoonline.com https://ciso2ciso.com/windows-tips-for-reducing-the-ransomware-threat-source-www-csoonline-com/ #multifactorauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #Windowssecurity #authentication #CSOonline #passwords #CSOOnline

Windows tips for reducing the ransomware threat https://www.csoonline.com/article/4031659/windows-tips-for-reducing-the-ransomware-threat.html #MultifactorAuthentication #WindowsSecurity #Authentication #Passwords

The age of infostealers is here. Is your financial service secure? – Source: www.csoonline.com https://ciso2ciso.com/the-age-of-infostealers-is-here-is-your-financial-service-secure-source-www-csoonline-com/ #IdentityandAccessManagement #Financialservicesindustry #multifactorauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #authentication #Encryption #CSOonline #CSOOnline #Malware