#multifactorauthentication — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #multifactorauthentication, aggregated by home.social.
-
Device Code Phishing is an Evolution in Identity Takeover
Device code phishing attacks have exploded across the threat landscape, with new toolkits emerging weekly. This surge coincides with publicly released criminal toolkits and multiple phishing-as-a-service offerings like EvilTokens and Tycoon. Threat actors abuse the OAuth 2.0 device authorization grant flow to compromise Microsoft 365 and other enterprise accounts by tricking users into authorizing malicious applications. Current implementations use on-demand code generation, addressing the 15-minute expiration limitation of previous techniques. Most activity appears to be generated using AI-based coding techniques. Successful attacks lead to full account takeover, data theft, business email compromise, and potential ransomware deployment. The technique represents the natural evolution of credential phishing as organizations improve their defenses against traditional multifactor authentication bypass methods.
Pulse ID: 6a05af080ae591ea2bf00e87
Pulse Link: https://otx.alienvault.com/pulse/6a05af080ae591ea2bf00e87
Pulse Author: AlienVault
Created: 2026-05-14 11:16:24
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #DataTheft #Email #InfoSec #Microsoft #MultiFactorAuthentication #OTX #OpenThreatExchange #Phishing #RAT #RansomWare #bot #AlienVault
-
Breaking the code: Multi-stage 'code of conduct' phishing campaign leads to AiTM token compromise
A sophisticated large-scale credential theft campaign targeted over 35,000 users across 13,000 organizations, primarily in the United States, between April 14-16, 2026. Attackers distributed fully authenticated emails from legitimate services using code of conduct-themed lures with polished HTML templates. The multi-stage attack chain included PDF attachments with embedded links, multiple CAPTCHA challenges, and intermediate staging pages designed to appear legitimate while filtering automated defenses. Recipients were directed through several layers ultimately leading to an adversary-in-the-middle phishing flow that proxied authentication sessions and captured tokens, bypassing non-phishing-resistant multifactor authentication. The campaign broadly impacted Healthcare, Financial services, Professional services, and Technology industries, using social engineering techniques that created urgency through time-bound prompts and concerning accusations.
Pulse ID: 69f8f1230f0bda494499b941
Pulse Link: https://otx.alienvault.com/pulse/69f8f1230f0bda494499b941
Pulse Author: AlienVault
Created: 2026-05-04 19:18:59
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AdversaryInTheMiddle #AitM #CAPTCHA #CyberSecurity #Email #HTML #Healthcare #InfoSec #MultiFactorAuthentication #OTX #OpenThreatExchange #PDF #Phishing #SocialEngineering #UnitedStates #bot #AlienVault
-
Hybrid 2FA phishing kits are making attacks harder to detect https://www.csoonline.com/article/4100393/hybrid-2fa-phishing-kits-are-making-attacks-harder-to-detect.html #IdentityandAccessManagement #MultifactorAuthentication #SocialEngineering #Authentication #AccessControl #Cybercrime #Phishing #Security
-
Ever wonder how one forgotten weak password can open the door for hackers? Discover why long, memorable passphrases and smart management are more crucial than ever in keeping your data safe.
https://thedefendopsdiaries.com/why-password-controls-still-matter-in-cybersecurity/
#passwordsecurity
#cybersecurity
#multifactorauthentication
#passwordmanagement
#databreachprevention
-
Cybercriminals are eyeing Microsoft Exchange Servers like never before. CISA and NSA just laid out a fresh playbook—from tougher logins to bulletproof encryption. Ready to see if your defenses stack up?
https://thedefendopsdiaries.com/securing-microsoft-exchange-servers-key-guidance-from-cisa-and-nsa/
#microsoftexchange
#cybersecurity
#cisa
#nsa
#multifactorauthentication
#networkencryption
#accesscontrol
#patchmanagement
#phishingprotection
-
Why “Secure Login” Isn’t Enough to Protect Your Mobile App Anymore https://thecyberexpress.com/why-mobile-app-security-cant-stop-at-login/ #RuntimeApplicationSelfProtection #MultifactorAuthentication #mobilefraudprevention #appruntimesecurity #mobileappsecurity #OnetimePasswords #deviceintegrity #Vulnerabilities #APISecurity #CyberNews #mobileapp #fintech #BFSI #OTPs
-
What to Do After a Data Breach: A Practical Guide for Protecting Your Identity
https://youtu.be/wGfpr7J3TgU #CyberSecurity #DataBreach #IdentityProtection #MultiFactorAuthentication #PasswordSecurity #CreditFreeze #DigitalSecurity #RiskManagement #DataProtection #IdentityTheft
-
Reveal Security Unveils Preemptive Approach to Securing Applications and Cloud Services – Source: securityboulevard.com https://ciso2ciso.com/reveal-security-unveils-preemptive-approach-to-securing-applications-and-cloud-services-source-securityboulevard-com/ #AIandMachineLearninginSecurity #SecurityBoulevard(Original) #multifactorauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityBoulevard #SocialFacebook #SocialLinkedIn #Cybersecurity #Spotlight #FEATURED #SocialX #AppSec #AI
-
Best Password Manager for Small Business in 2025 https://www.byteseu.com/1238911/ #AdminControls #business #BusinessSoftware #CybersecurityTools #DataProtection #MultiFactorAuthentication #PasswordManagers #SecureLoginManagement #SmallBusinessSecurity #TeamPasswordSharing #ZeroKnowledgeEncryption
-
Learn about zero-trust security, its advantages and disadvantages, best practices, and approaches to implementation. Find out how to protect sensitive data and prevent unauthorized access with this methodology. Improve your network infrastructure and security policies using multi-factor authentication, access controls, encryption, network segmentation, behavioral analytics, and machine learning. #ZeroTrustSecurity #CyberSecurity #NetworkSecurity #DataProtection #MultiFactorAuthentication #Encryption #NetworkSegmentation #BehavioralAnalytics #MachineLearning #InformationSecurity #security #data #network #analytics #infrastructure https://medium.com/@sanjay.mohindroo66/zero-trust-security-advantages-disadvantages-and-best-practiceszero-trust-security-advantages-fb0da0c507e1
-
🍲 Daemon Soup: The Cybersecurity Tiers of Small Businesses #cybersecurity, #smallbusiness, #digitaldefense, #DaemonSoup, #cybersecuritytiers, #businesssecurity, #passwordprotection, #employeetraining, #multifactorauthentication, #encryption, #penetrationtesting, #firewalls, #antivirus, #cybersecuritystrategy, #dataprotection, #securitybestpractices, #cyberthreats, #ITsecurity, #systemfortification, #cyberresilience, #threatdetection
-
I hear very often that the cloud is secure because Multi Factor Authentication (MFA) is enabled, so all accounts are secure.
What about the service accounts and the (break glass) global administrator account?
Or in Azure: do you have a conditional access policy that excludes accounts from MFA?
What about MFA phishing with evilginx?
=> Apply a defense-in-depth strategy also in cloud environments.
-
A lot of banks in the Philippines still rely on SMS for #2FA, despite how insecure it is—easily spoofed, intercepted, and unreliable. Some use in-app confirmations via their mobile app, but if you lose access to your phone, you're probably locked out. Why not support standard authentication apps like #2FAS, #Aegis, #Bitwarden, #Vaultwarden, or #KeePassXC, which have TOTP support and easy backups? That way, I wouldn’t have to worry about losing access. #MFA #MultiFactorAuthentication #Security
-
Snowflake Will Make MFA Mandatory Next Year – Source: securityboulevard.com https://ciso2ciso.com/snowflake-will-make-mfa-mandatory-next-year-source-securityboulevard-com/ #MultiFactorAuthentication(MFA) #SecurityBoulevard(Original) #Passwordlessauthentication #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityAwareness #SecurityBoulevard #socialengineering #Identity&Access #NetworkSecurity #MobileSecurity #CloudSecurity #Cybersecurity #datasecurity #DataPrivacy #Snowflake #Spotlight #News
-
In a hybrid on-premises and AWS environment, implementing security principles like Role-Based Access Control (RBAC), Zero Trust, and Least Access is crucial to protect resources and data.
#RBAC #ZeroTrust #LeastAccess #HybridCloud #CloudSecurity #AWS #OnPremises #Linux #Windows #IAM #CyberSecurity #Serverless #NetworkSecurity #MultiFactorAuthentication #DataProtection #SecurityAudit #AccessControl #IAMRoles #AD #LDAP
-
Multiple Cryptocurrency Firms Fall Victim to Squarespace Domain Hijacking https://thecyberexpress.com/cryptocurrency-squarespace-domain-hijacking/ #Squarespacedomainhijacking #MultifactorAuthentication #TheCyberExpressNews #CybersecurityNews #TheCyberExpress #DataBreachNews #cryptocurrency #FirewallDaily #GoogleDomains #HackerClaims #securityflaw #Squarespace #HackerNews #Phishing
-
FIN7 Cybercrime Group Strikes US Auto Sector Using Carbanak – Source: securityboulevard.com https://ciso2ciso.com/fin7-cybercrime-group-strikes-us-auto-sector-using-carbanak-source-securityboulevard-com/ #multifactorauthentication #phishingawarenesstraining #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #CybersecurityNews #SecurityBoulevard #Identity&Access #Cybersecurity #spearphishing #ransomware #Carbanak #FIN7
-
With it being #BlackFriday and all, I hope nobody is caught up in scams or phishing attacks while doing their (frantic!) online #shopping.
Here are a few #security and #privacy tips that I hope will help somebody:
1) If you have a coupon code, don't follow a provided link to the shopping page. Instead find the page yourself, e.g., via a #searchengine, and then input the coupon code manually.
2) Access online shops without being logged in, and without any #cookies, such that the shop cannot set prices according to #personaldata or previous purchases (yes, they do that). Except, of course, if the discount is only available when actually having an account. Attempt anonymously first.
3) An improvement to 2) is accessing online shops via #TorBrowser or similar.
4) Use a #VPN such that #ISPs and other adversaries cannot obtain or spoof information. It also protects your data, like credit card info, if you are using a public #WiFi (never do that without VPN).
5) As a corollary to 4), you can even sometimes get discounts by using a different location than your own.
6) Use a #passwordmanager for your credentials such that they can be longer and harder to guess/crack. This also means you don't have to remember (or even know) them by heart.
7) Set up #MFA for your accounts such that, together with 6), it is harder for adversaries to break in and steal data and/or make automated purchases on your behalf if possible. It is highly advisable to use an authenticator app instead of code-by-SMS. For further protection, you can even use #biometrics, like #fingerprints or facial scans. And/or a hardware device supporting #FIDO2/#U2F or similar.
Note that these tips are applicable also when not shopping, and I would encourage them all.
Stay safe and have an awesome Friday!
#mastodontips #feditips #profiling #personalidentifyinginformation #pii #internetserviceproviders #tor #multifactorauthentication #2fa #twofactorauthentication #yubikey