Beware of Fake Timesheet Report Email Leading to the Tycoon 2FA Phishing Kit

Pinterest Visual Bookmark: The link leads to a page hosted on Pinterest, displaying a Microsoft logo and a “Visit” button. Fake Timesheet Notification: According to SpiderLabs’ post on X, the attack begins with an email titled “Timesheet Report,” claiming new information has been added to the recipient’s timesheet. Obfuscated Code: The phishing pages use heavily obfuscated JavaScript and HTML code, making it difficult for security tools and analysts to detect malicious intent. The email includes a “View Timesheet” button, which redirects the user to a Pinterest Visual Bookmark link. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Session Cookie Harvesting: Tycoon 2FA intercepts session cookies from Microsoft 365 or Gmail accounts, allowing attackers to bypass MFA even if it’s enabled. Cloudflare CAPTCHA Challenge: Clicking “Visit” redirects users to a page with a Cloudflare CAPTCHA challenge. Fake Microsoft Login Page: After completing the CAPTCHA, users are taken to a fake Microsoft login page. First identified in August 2023, it has evolved significantly to bypass MFA protections, making it one of the most advanced phishing kits in circulation. Spider labs warn users to stay vigilant as these attacks aim to bypass Multi-Factor Authentication (MFA) and harvest sensitive credentials. By exploiting trusted platforms like Pinterest and bypassing MFA protections, attackers are making it harder for traditional defenses to keep up. Traffic Filtering: The phishing kit employs advanced traffic filtering techniques, such as blocking datacenter IPs, Tor traffic, and specific bot user agents. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 18 Feb 2025 06:40:06 +0000


Cyber News related to Beware of Fake Timesheet Report Email Leading to the Tycoon 2FA Phishing Kit

Beware of Fake Timesheet Report Email Leading to the Tycoon 2FA Phishing Kit - Pinterest Visual Bookmark: The link leads to a page hosted on Pinterest, displaying a Microsoft logo and a “Visit” button. Fake Timesheet Notification: According to SpiderLabs’ post on X, the attack begins with an email titled ...
1 month ago Cybersecuritynews.com
New Astaroth 2FA Phishing Kit Targeting Gmail, Yahoo, Office 365, and 3rd-Party Logins - To safeguard against sophisticated phishing attacks like the Astaroth 2FA phishing kit, users should create strong, unique passwords, enable two-factor authentication (2FA) using authenticator apps, and exercise caution when handling links or ...
1 month ago Cybersecuritynews.com
10 Best Email Security Gateways in 2025 - Barracuda Email Security Gateway is a solution that helps protect organizations from email-borne threats such as spam, viruses, phishing, and other malicious content. It uses various methods, including filtering, encryption, and sandboxing, to ...
3 weeks ago Cybersecuritynews.com
MFA vs 2FA: Which Is Best for Your Business? - If a user falls for a phishing scam and their credentials are compromised, multi-factor authentication or two-factor authentication provide an additional safeguard against a breach. MFA uses authentication factors such as a pin, an SMS code, an ...
1 year ago Techrepublic.com
The 6 Best Email Security Software & Tools of 2024 - To guarantee full protection against email threats, important features to consider when picking an email security solution include email filtering and spam detection, sandboxing, mobile support, advanced machine learning, and data loss prevention. ...
5 months ago Esecurityplanet.com
Accelerating Cloud-Native Data Security Deployments at Scale with Imperva's eDSF Kit - Elastic DSF is the vision of DSF. The first phase of this vision is creating automatic, click of a button processes to deploy and upgrade DSF with the introduction of Imperva eDSF Kit. eDSF Kit simplifies the product deployment, upgrades, and ongoing ...
1 year ago Imperva.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com
New phishing attack steals your Instagram backup codes to bypass 2FA - A new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on the account. Two-factor authentication is a ...
1 year ago Bleepingcomputer.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com
GitHub warns users to enable 2FA before upcoming deadline - GitHub is warning users that they will soon have limited functionality on the site if they do not enable two-factor authentication on their accounts. In emails sent to GitHub users on Christmas Eve, the company warned that all users contributing code ...
1 year ago Bleepingcomputer.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
10 months ago Hackread.com
Beware: PayPal "New Address" feature abused to send phishing emails - The email includes the new address that was allegedly added to your PayPal account, including a message claiming to be a purchase confirmation for a MacBook M4, and to call the enclosed PayPal number if you did not authorize the purchase. The goal of ...
3 weeks ago Bleepingcomputer.com
"Quishing" you a Happy Holiday Season - QR Code phishing scams - What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, ...
1 year ago Netcraft.com
Coinbase phishing email tricks users with fake wallet migration - A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. Instead, the phishing email includes a recovery phrase, which ...
6 days ago Bleepingcomputer.com
Phishing Campaign Targets Instagram Users, Steals Backup Codes and Circumvent 2FA Protection - A recent phishing scheme has emerged, posing as a 'copyright infringement' email to deceive Instagram users and pilfer their backup codes. These codes, integral for the recovery of accounts, are used to circumvent the two-factor authentication ...
1 year ago Cysecurity.news
Email Security Trends And Predictions in 2024 - One of the most critical aspects of this broad topic is email security. Email security refers to the collective measures used to secure the access and content of an email account or service. An email service provider implements email security to ...
1 year ago Cybersecuritynews.com
Mandiant says X account brute forced without 2FA protection The Register - Well, Mandiant's carefully worded response basically said it wasn't implemented. It didn't specifically point to the policy change X announced in February 2023, which was to disable SMS-based 2FA for users who didn't pay for Twitter Blue, but some ...
1 year ago Go.theregister.com
Payoneer accounts in Argentina hacked in 2FA bypass attacks - Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Payoneer is a financial services platform providing online money ...
1 year ago Bleepingcomputer.com
Tycoon2FA Phishkit Updates Tactics with PDF Lures and Redirects - Tycoon is back with a new phishing trick! The threat group has updated its tactics, using PDF lures and clever redirects to steal credentials. The script first displays a Cloudflare “Verify You’re a Human” check: a common tactic used to ...
1 week ago Cybersecuritynews.com
Business Email Compromise Scams: Prevention and Response - We will also highlight red flags to watch out for in suspicious emails, emphasizing the importance of implementing robust email authentication methods and comprehensive employee training programs to enhance awareness and response capabilities. BEC ...
1 year ago Securityzap.com
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
9 months ago Hackread.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
1 year ago Darkreading.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
1 year ago Cyberdefensemagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)