Social Engineering | Bleeping Computer
8.0 — CRITICAL
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. [...]
🤖 AI Briefing: Auto-generated threat analysis
🔍Threat Overview
Tycoon2FA, a phishing kit, has resumed operations after being rebuilt on new infrastructure following an international law enforcement operation in March, and is now using device-code phishing attacks to hijack Microsoft 365 accounts.
⚙️Technical Details
💥Impact Assessment
Severity: high
Who Is at Risk
Microsoft 365 users, particularly those with two-factor authentication enabled
🛡️Recommended Actions
1. Disable the OAuth device code flow when not needed
2. Restrict OAuth consent permissions
3. Enable Continuous Access Evaluation (CAE)
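
One way to verify the first recommended action, as an added example that is not from the Bleeping Computer article or from Microsoft: the script audits exported Conditional Access policies for an enforced block on the device code flow. The field names assume the export follows the Microsoft Graph `conditionalAccessPolicy` resource, and the sample policies are constructed.

```python
import json

# Constructed sample shaped like Microsoft Graph conditionalAccessPolicy
# objects; display names and the group ID are made up.
SAMPLE_EXPORT = json.loads("""[
 {"displayName": "Block device code (pilot)",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "authenticationFlows": {"transferMethods": "deviceCodeFlow"}},
  "grantControls": {"builtInControls": ["block"]}},
 {"displayName": "Block device code (prod)",
  "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"],
                           "excludeGroups": ["constructed-group-id"]},
                 "authenticationFlows": {"transferMethods": "deviceCodeFlow,authenticationTransfer"}},
  "grantControls": {"builtInControls": ["block"]}}
]""")


def targets_device_code(policy):
    """True if the policy's authentication-flow condition names device code flow."""
    flows = (policy.get("conditions") or {}).get("authenticationFlows") or {}
    methods = (flows.get("transferMethods") or "").split(",")
    return "deviceCodeFlow" in [m.strip() for m in methods]


def audit_device_code_block(policies):
    """Return a finding per policy that blocks device code flow, with items to review."""
    findings = []
    for p in policies:
        controls = (p.get("grantControls") or {}).get("builtInControls") or []
        if not targets_device_code(p) or "block" not in controls:
            continue
        users = (p.get("conditions") or {}).get("users") or {}
        gaps = []
        if p.get("state") != "enabled":
            gaps.append("not enforced: state=%s" % p.get("state"))
        if "All" not in (users.get("includeUsers") or []):
            gaps.append("does not include all users")
        for key in ("excludeUsers", "excludeGroups", "excludeRoles"):
            if users.get(key):
                gaps.append("%s is non-empty" % key)
        findings.append({"policy": p.get("displayName"), "gaps": gaps})
    return findings


if __name__ == "__main__":
    for f in audit_device_code_block(SAMPLE_EXPORT):
        print(f["policy"], "->", f["gaps"] or "enforced, no exclusions")
```

An empty result means no policy blocks the flow at all; a finding with an empty `gaps` list is a policy that is enforced for all users without exclusions.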
📦Affected Products
Software: Microsoft 365
This is a curated summary. The complete article is available at Bleeping Computer.
