{"id":11611,"date":"2024-03-29T16:27:25","date_gmt":"2024-03-29T03:27:25","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=11611"},"modified":"2024-03-29T16:27:25","modified_gmt":"2024-03-29T03:27:25","slug":"is-mfa-enough-the-need-for-multiple-cyber-security-layers","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=11611","title":{"rendered":"Is MFA enough? – the need for multiple cyber security layers."},"content":{"rendered":"

[et_pb_section fb_built=”1″ _builder_version=”4.24.2″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_row column_structure=”3_4,1_4″ disabled_on=”on|off|off” _builder_version=”4.24.2″ _module_preset=”default” background_image=”\/wp-content\/uploads\/2024\/03\/MFAvsHacker.png” background_position=”center_right” background_horizontal_offset=”46%” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”3_4″ _builder_version=”4.24.2″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.24.2″ _module_preset=”default” background_color=”rgba(255,255,255,0.86)” custom_margin=”20px|20px|20px|20px|false|false” custom_padding=”20px|20px|20px|20px|false|false” border_radii=”on|20px|20px|20px|20px” border_width_all=”3px” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

At Kinetics, we’ve always emphasized the importance of multi-factor authentication (MFA) as a critical layer in cybersecurity. Without MFA, it’s only a matter of time before you fall victim to a cyber attack.<\/p>\n

However, as we’ve also mentioned, no single defense is enough. Cybersecurity needs to be layered, and that includes MFA.<\/p>\n

Without MFA, you WILL get hacked – it is only a matter of time.<\/h2>\n

BuT MFA by itself is not enough.<\/h3>\n

Recently, cybercriminals have been using a platform called “Tycoon 2FA phishing-as-a-service” to target Microsoft 365 and Gmail accounts, bypassing two-factor authentication. This platform is similar to early hacks like “Dadsec,” indicating code-sharing among the hacker community.<\/p>\n

The latest version of Tycoon 2FA, released in 2024, shows a continuous effort to improve its stealth capabilities. It leverages 1,100 domains and has been identified in numerous phishing attacks. These attacks typically follow a multi-step process:<\/p>\n

    \n
  1. Attackers distribute malicious links via emails with embedded URLs or QR codes, tricking victims into accessing phishing pages.<\/li>\n
  2. A security challenge filters out bots, allowing only human interactions to proceed to the deceptive phishing site.<\/li>\n
  3. Background scripts extract the victim’s email from the URL to customize the phishing attack.<\/li>\n
  4. Users are quietly redirected to another part of the phishing site, moving them closer to the fake login page. This presents a fake Microsoft or Google login page to steal credentials.<\/li>\n
  5. The kit mimics a 2FA challenge, intercepting the 2FA token or response to bypass security measures.<\/li>\n
  6. Finally, victims are directed to a legitimate-looking page, obscuring the phishing attack’s success.<\/li>\n<\/ol>\n

    At Kinetics, our KARE Foundation<\/a> defends you with DNS scrubbing, a browser extension, and geo-blocking, among other tools, to protect your organization from these types of attacks. Stay vigilant and stay protected with Kinetics.<\/strong><\/p>\n

    Read more:<\/h3>\n

    https:\/\/www.bleepingcomputer.com\/ne…ing-kit-targets-microsoft-365-gmail-accounts\/<\/a><\/p>\n

    https:\/\/blog.sekoia.io\/tycoon-2fa-a…-the-latest-version-of-the-aitm-phishing-kit\/<\/a><\/p>\n

    [\/et_pb_text][\/et_pb_column][et_pb_column type=”1_4″ _builder_version=”4.24.2″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”3_4,1_4″ disabled_on=”off|on|on” _builder_version=”4.24.2″ _module_preset=”default” background_enable_image=”off” background_position=”center_right” background_horizontal_offset=”46%” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”3_4″ _builder_version=”4.24.2″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.24.2″ _module_preset=”default” background_color=”rgba(255,255,255,0.86)” custom_margin=”5px|5px|5px|5px|false|false” custom_padding=”5px|5px|5px|5px|false|false” border_radii=”on|20px|20px|20px|20px” border_width_all=”0px” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

    At Kinetics, we’ve always emphasized the importance of multi-factor authentication (MFA) as a critical layer in cybersecurity. Without MFA, it’s only a matter of time before you fall victim to a cyber attack.<\/p>\n

    However, as we’ve also mentioned, no single defense is enough. Cybersecurity needs to be layered, and that includes MFA.<\/p>\n

    Without MFA, you WILL get hacked – it is only a matter of time.<\/h2>\n

    BuT MFA by itself is not enough.<\/h3>\n

    Recently, cybercriminals have been using a platform called “Tycoon 2FA phishing-as-a-service” to target Microsoft 365 and Gmail accounts, bypassing two-factor authentication. This platform is similar to early hacks like “Dadsec,” indicating code-sharing among the hacker community.<\/p>\n

    The latest version of Tycoon 2FA, released in 2024, shows a continuous effort to improve its stealth capabilities. It leverages 1,100 domains and has been identified in numerous phishing attacks. These attacks typically follow a multi-step process:<\/p>\n

      \n
    1. Attackers distribute malicious links via emails with embedded URLs or QR codes, tricking victims into accessing phishing pages.<\/li>\n
    2. A security challenge filters out bots, allowing only human interactions to proceed to the deceptive phishing site.<\/li>\n
    3. Background scripts extract the victim’s email from the URL to customize the phishing attack.<\/li>\n
    4. Users are quietly redirected to another part of the phishing site, moving them closer to the fake login page. This presents a fake Microsoft or Google login page to steal credentials.<\/li>\n
    5. The kit mimics a 2FA challenge, intercepting the 2FA token or response to bypass security measures.<\/li>\n
    6. Finally, victims are directed to a legitimate-looking page, obscuring the phishing attack’s success.<\/li>\n<\/ol>\n

      At Kinetics, our KARE Foundation<\/a> defends you with DNS scrubbing, a browser extension, and geo-blocking, among other tools, to protect your organization from these types of attacks. Stay vigilant and stay protected with Kinetics.<\/strong><\/p>\n

      Read more:<\/h3>\n

      https:\/\/www.bleepingcomputer.com\/ne…ing-kit-targets-microsoft-365-gmail-accounts\/<\/a><\/p>\n

      https:\/\/blog.sekoia.io\/tycoon-2fa-a…-the-latest-version-of-the-aitm-phishing-kit\/<\/a><\/p>\n

      [\/et_pb_text][\/et_pb_column][et_pb_column type=”1_4″ _builder_version=”4.24.2″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

      At Kinetics, we’ve always emphasized the importance of multi-factor authentication (MFA) as a critical layer in cybersecurity. Without MFA, it’s only a matter of time before you fall victim to a cyber attack. However, as we’ve also mentioned, no single defense is enough. Cybersecurity needs to be layered, and that includes MFA. Without MFA, you […]<\/p>\n","protected":false},"author":5,"featured_media":11613,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-11611","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/11611","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11611"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/11611\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11611"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11611"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11611"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}