The threat landscape just got more complex. The Scattered LAPSUS$ Hunters alliance has re-emerged, merging the tactics of notorious groups. This isn’t just a name change; it’s a shift toward professionalized, identity-centric extortion. What you need to know: High-Value Targets: Focused on enterprises with $500M+ revenue, specifically in Cloud, Telecom, and Finance. Identity is the Perimeter: They specialize in "logging in" rather than "hacking in," using advanced vishing (voice phishing) a...
All content for CYFIRMA Research is the property of CYFIRMA and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
CYFIRMA Research: Tycoon 2FA - A Technical Analysis of its Adversary-in-the-Middle Phishing Operation
CYFIRMA Research
3 minutes
1 month ago
Tycoon 2FA - The Phishing-as-a-Service Platform
Our latest technical deep-dive reveals how Tycoon 2FA, a sophisticated Phishing-as-a-Service (PhaaS) platform, is successfully evading detection and bypassing multi-factor authentication (MFA) to compromise enterprise cloud environments. This isn't just another phishing kit. It's an Adversary-in-the-Middle (AitM) framework that captures session tokens in real time, making traditional MFA like SMS, TOTP apps, and push notifications ineffective...