AiTM Archives

Tycoon 2FA: How Storm-1747 Built an MFA-Bypassing Phishing Empire

Annoyed Engineer | June 4, 2025 | AiTM, Detection, detections, Intel, IR, Phishing, secops, security, Threat

We used to believe MFA was the ultimate line of defense. Then phishing kits like Tycoon 2FA showed up and proved otherwise. Unlike the crude clones of years past, Tycoon 2FA leverages ...

Annoyed Engineer

The Real Threat in the Middle: How Mid-Stage Adversaries Are Outsmarting MFA and Scaling Fast

Annoyed Engineer | June 1, 2025 | AiTM, Cloud, detections, Intel, Microsoft, Phishing, security, Uncategorized

For years, multi-factor authentication (MFA) has been the security world’s favorite answer to “what should we do about phishing?” But attackers don’t wait for the controls to get better—they evolve around them ...

Annoyed Engineer

attacks, AiTM, APT AiTM quantum attacks Raspberry Robin APT29 ransomware NATO Barracuda Networks ATO Attacks

Adversary-in-the-Middle Attacks Persist – Strategies to Lessen the Impact

Iryna Bondar | April 24, 2025 | adversary-in-the-middle, AiTM, biometric authentication, combat MFA, Fraud

Adversary-in-the-middle fraud (AiTM) represents a significant, ongoing challenge for businesses, with tactics like email hijacking, AI attacks and account takeovers becoming increasingly complex ...

Security Boulevard

detection, campaigns, threat, HEAT, managed detection and response, Apache ActiveMQ, vulnerability, Aqua Cham, threat, elGang APT Meltdown Spectre Threat Detection

Three Nation-State Campaigns Targeting Healthcare, Banking Discovered

Nathan Eddy | June 27, 2024 | AiTM, bec, MFA, Phishing, Ransomware, threat actor

Researchers have identified three distinct nation-state campaigns leveraging advanced highly evasive and adaptive threat (HEAT) tactics ...

Security Boulevard

Threat Actors Turn to AiTM to Bypass MFA

Nathan Eddy | February 14, 2023 | 2FA phishing, AiTM, bec, business email compromise, MFA

Threat actors have started moving away from authenticating via legacy protocols to bypass multifactor authentication (MFA) in Microsoft 365, according to an Expel report on cybersecurity trends. Instead, malicious actors are adopting ...

Security Boulevard

AiTM

Tycoon 2FA: How Storm-1747 Built an MFA-Bypassing Phishing Empire

The Real Threat in the Middle: How Mid-Stage Adversaries Are Outsmarting MFA and Scaling Fast

Adversary-in-the-Middle Attacks Persist – Strategies to Lessen the Impact

Three Nation-State Campaigns Targeting Healthcare, Banking Discovered

Threat Actors Turn to AiTM to Bypass MFA

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On