#phishing-as-a-service — Public Fediverse posts

Tycoon2FA-Phishing nutzt 2FA gegen MS365

Seit Ende April 2026 beobachten Sicherheitsexperten eine neue Welle von Phishing-Angriffen, die selbst die Zwei-Faktor-Authentifizierung (MFA) für eigene, kriminelle Zwecke nutzen.

Mehr: https://maniabel.work/archiv/1591

#2FA #Microsoft365 #PhaaS #Phishing #PhishingAsAService #Trustifi

📬 W3LL Phishing-Netzwerk zerschlagen: FBI stoppt Millionenbetrug mit 500-Dollar-Toolkit
#Cyberangriffe #DarkCommerce #AccountÜbernahme #Cybercrime #Datenklau #FBI #MultiFaktorAuthentifizierung #OnlineBetrug #Phishing #PhishingasaService #PhishingKit #W3LLPhishingNetzwerk https://sc.tarnkappe.info/a8f558

Анатомия PhaaS-кита: как коммерческая фишинговая платформа фильтрует песочницы через browser fingerprinting

Разбираем фишинговое письмо, пришедшее на адрес НКО: от SendGrid-доставки с SPF/DKIM pass до реверса JavaScript-фреймворка collector.js, который собирает GPU fingerprint, ломает WebRTC для раскрытия IP за VPN и детектирует DevTools — до того как жертва увидит фишинговую форму.

https://habr.com/ru/articles/1014420/

#phishing #phishingasaservice #browser_fingerprinting #webrtc #sendgrid #incident_response #threat_intelligence #javascript

📬 LeakBase und Tycoon 2FA abgeschaltet: Doppelschlag gegen Cybercrime-Lieferkette
#DarkCommerce #Cybercrime #CybercrimePlattformen #Datenleaks #europol #LeakBase #MehrfaktorAuthentifizierung #Phishing #PhishingasaService #Tycoon2FA https://sc.tarnkappe.info/e2c626

Microsoft, Cloudflare Disrupt RaccoonO365 Phishing-as-a-Service Operation Targeting MS 365 https://thecyberexpress.com/raccoono365-phishing-as-a-service-operation/ #phishingasaservice #RaccoonO365 #Cloudflare #CyberNews #Microsoft

Artikel Cybercrimeinfo: https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/cybercrime/2603946_156-meer-identiteitsdiefstal-hoe-phishing-as-a-service-en-infostealers-mfa-omzeilen-om-je-bankrekening-en-email-te-hacken

Podcast Spotify: https://open.spotify.com/episode/7tY2cjpUfysMeBiKTNkG4l?si=23f0908dcb314e27

Podcast Youtube: https://youtu.be/o0GcyXfFFGA

#identiteitsdiefstal #phishingasaservice #infostealers #cybercrime #Cybersecurity

De digitale dreigingen nemen in snelheid en complexiteit toe, en een van de meest zorgwekkende aanvallen is Adversary-in-the-Middle (AitM) phishing.

Artikel Cybercrimeinfo: https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/cybercrime/phishing/2557618_wie-zit-er-tussen-jou-en-je-wachtwoord-de-gevaren-van-aitm-phishing-onthuld

Podcast Spotify: https://open.spotify.com/episode/4wUUyfd3JSFFgYbff3KOny?si=054a2c87cbe54176

Podcast Youtube: https://youtu.be/ngli1dXuicc

#AitMphishing #Phishing #Cybercrime #Cybersecurity #PhishingAsAService #PhaaS #ReverseProxy #MFA #MultiFactorAuthentication #BEC #BusinessEmailCompromise #Ransomware #DataProtection

FBI shared a list of phishing domains associated with the LabHost PhaaS platform – Source: securityaffairs.com https://ciso2ciso.com/fbi-shared-a-list-of-phishing-domains-associated-with-the-labhost-phaas-platform-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #PhishingasaService #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #CyberCrime #Cybercrime #PhaaS

Morphing Meerkat phishing kits exploit DNS MX records – Source: securityaffairs.com https://ciso2ciso.com/morphing-meerkat-phishing-kits-exploit-dns-mx-records-source-securityaffairs-com/ #informationsecuritynews #ITInformationSecurity #PhishingasaService #SecurityAffairscom #PierluigiPaganini #MorphingMeerkat #SecurityAffairs #BreakingNews #Phishingkits #SecurityNews #hackingnews #0CISO2CISO #CyberCrime #Cybercrime #Phishing #hacking #Malware

‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security – Source: www.techrepublic.com https://ciso2ciso.com/sneaky-log-microsoft-spoofing-scheme-sidesteps-two-factor-security-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #Businessemailcompromise #twofactorauthentication #SecurityonTechRepublic #SecurityTechRepublic #PhishingasaService #CyberSecurityNews #socialengineering #microsoftoutlook #MicrosoftOffice #Cybersecurity #Microsoft365 #Cloudflare #Microsoft #sneaky2fa

Researchers Uncover Phishing-As-A-Service Domains Associated With Tycoon 2FA https://gbhackers.com/phishing-service-tycoon-2fa/ #PhishingasaService(PhaaS) #CybersecurityThreats #CyberSecurityNews #Tycoon2FA #Phishing #Malware

This is an ad served by Google Ads. It appears superimposed on a (legitimate) web page, with the rest of the page blurred out. I didn't check to see where clicking the Open button would take me, but I doubt it's anywhere good.

Google does allow users to give feedback on this ad, but the only option is "Seen too many times”. There is no option to flag it as the blatant cross-site scripting/probable #phishing attack that it is.

#security #Google #PhishingAsAService #BadActors

Phishing-as-a-Service Rockstar 2FA continues to be prevalent – Source: securityaffairs.com https://ciso2ciso.com/phishing-as-a-service-rockstar-2fa-continues-to-be-prevalent-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #PhishingasaService #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Rockstar2FA #CyberCrime #Cybercrime #Phishing #hacking #PhaaS

Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks – Source:thehackernews.com https://ciso2ciso.com/phishing-as-a-service-rockstar-2fa-targets-microsoft-365-users-with-aitm-attacks-sourcethehackernews-com/ #rssfeedpostgeneratorecho #PhishingasaService #CyberSecurityNews #TheHackerNews

Microsoft seized 240 sites used by the ONNX phishing service – Source: securityaffairs.com https://ciso2ciso.com/microsoft-seized-240-sites-used-by-the-onnx-phishing-service-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #PhishingasaService #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #CyberCrime #Cybercrime #hacking

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft https://gbhackers.com/microsoft-seizes-240-phaas-sites/ #PhishingasaService(PhaaS) #CyberSecurityNews #cybersecurity #MicrosoftDCU #CyberCrime #Phishing

📬 iServer: Phishing-Dienst-Abschaltung folgten 17 Festnahmen
#DarkCommerce #DmitriVolkow #europol #GroupIB #iServer #OperationKaerb #PhishingasaService https://sc.tarnkappe.info/55a9fc

Global Phishing Network Busted in Major Cross-Continent Operation https://thecyberexpress.com/global-phishing-network-busted/ #TheCyberExpressNews #phishingasaservice #CyberEssentials #TheCyberExpress #OperationKaerb #FirewallDaily #CyberNews #Phishing #Europol #iServe

New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication https://gbhackers.com/phaas-platform-bypass-2fa/ #TwoFactorAuthenticationBypass #PhishingasaService(PhaaS) #TelegramBotOperations #CybersecurityThreats #CyberSecurityNews #EmailSecurity #CyberCrime #Phishing

Hackers Attacking Banking Customers Using Phishing-As-A-Service V3B Toolkit https://gbhackers.com/hackers-banking-customers-phishing-v3b-toolkit/ #PhishingasaService(PhaaS) #CyberSecurityNews #FraudPrevention #EmailSecurity #cybersecurity #CyberCrime #Phishing

📬 V3B-Phishing-Kit: Neues Cybercrime-Tool steht auf Telegram zum Verkauf
#Cyberangriffe #Malware #Cybercrime #PhishingasaService #Resecurity #Telegram #V3BPhishingKit #Vssrtje https://sc.tarnkappe.info/0b4c9b

Tycoon 2FA Attacking Microsoft 365 AND Google Users To Bypass MFA https://gbhackers.com/tycoon-2fa-phishing-mfa-bypass/ #MultifactorAuthentication #PhishingasaService #cybersecurity #Tycoon2FA #Phishing #Malware

📬 LabHost-Phishing-Dienst zerschlagen: Über 30 Festnahmen weltweit
#ITSicherheit #europol #Internetkriminalität #LabHost #OperationNebulae #PhishingasaService #PhishingKit #PhishingSeiten https://sc.tarnkappe.info/d0b959

‘Darcula’ Phishing-as-a-Service Operation Bleeds Victims Worldwide – Source: www.darkreading.com https://ciso2ciso.com/darcula-phishing-as-a-service-operation-bleeds-victims-worldwide-source-www-darkreading-com/ #rssfeedpostgeneratorecho #DarkReadingSecurity #PhishingasaService #CyberSecurityNews #DARKReading

📬 BulletProftLink: Phishinganbieter offline genommen
#OnlineBetrug #AFP #BulletProftLink #Cybercrime #FBI #Malaysia #PhishingasaService #RoyalMalaysiaPolice https://tarnkappe.info/artikel/it-sicherheit/online-betrug/bulletproftlink-phishinganbieter-offline-genommen-282609.html

📬 Telegram mutiert zur Vertriebsplattform für Phishing-Dienste
#ITSicherheit #2FA #kaspersky #OTP #Phaas #Phishing #PhishingasaService #socialengineering #Telegram https://tarnkappe.info/artikel/it-sicherheit/telegram-mutiert-zur-vertriebsplattform-fuer-phishing-dienste-272775.html

📬 EvilProxy vereinfacht Diebstahl wertvoller Login-Daten trotz MFA
#Hacking #AuthentifizierungsToken #LoginFormular #MultiFaktorAuthentifizierung #PhishingasaService #ReverseProxy #SessionCookie #TORNetzwerk https://tarnkappe.info/artikel/hacking/evilproxy-vereinfacht-diebstahl-wertvoller-login-daten-trotz-mfa-255309.html