MFA - Cybersec Sentinel

MFA

A collection of 3 posts

Astaroth Phishing Kit Exploits 2FA Weaknesses in Gmail and O365

Astaroth Phishing Kit Exploits 2FA Weaknesses in Gmail and O365

Threat Group: Unknown Threat Type: Phishing Kit Exploited Vulnerabilities: Session Hijacking, Reverse Proxy Techniques Malware Used: Astaroth Phishing Kit Threat Score: High (8.9/10) – Due to its sophisticated methods of bypassing two-factor authentication (2FA) and real-time credential interception, posing significant risks to user accounts. Last Threat Observation: February 26

FlowerStorm Phishing Service Gains Traction After Rockstar2FA Shutdown

FlowerStorm Phishing Service Gains Traction After Rockstar2FA Shutdown

Threat Group: FlowerStorm Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: FlowerStorm phishing kit Threat Score: High (8.5/10) – Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: December 20, 2024 Overview The cybersecurity

Rockstar 2FA Phishing Kit Empowers Hackers to Bypass MFA Defenses

Rockstar 2FA Phishing Kit Empowers Hackers to Bypass MFA Defenses

Threat Group: Storm-1575 Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: Rockstar 2FA phishing kit Threat Score: High (8.5/10) — Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: November 30, 2024 Overview The