Bleeping Computer

Attackers bypass Coinbase and MetaMask 2FA via TeamViewer, fake support chat

A crypto-stealing phishing campaign is underway to bypass multi-factor authentication and gain access to accounts on Coinbase, MetaMask, Crypto.com, and KuCoin and steal cryptocurrency. The threat ...
Forbes

Google And Microsoft Users Warned As New 2FA Bypass Attacks Reported

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, Dec. 25, 2024: This story, originally published Dec.
Forbes

New 2FA Security Warning—30 Million Authentication Cookies Up For Sale

Update, Dec. 03, 2024: This story, originally published Dec. 02, now updated to reflect the 2FA-bypass security threat beyond Black Friday and Cyber Monday. The busiest period of online shopping, ...
Security Boulevard

ConsentFix v3 Automates OAuth Abuse to Bypass MFA and Hijack Azure Accounts

What happened A third iteration of the ConsentFix attack technique has been circulating on hacker forums, introducing automation and scalability to a method that abuses Microsoft Azure’s OAuth2 ...
wjla

'Pass the Cookie': Expert explains how hackers bypass multi-factor authentication

WASHINGTON (7News) — Hackers are finding ways around two-step verification -- It’s called a “Pass the Cookie” attack and it’s a way for hackers to get into all sorts of sites, including banking and ...
Bleeping Computer

New phishing attack steals your Instagram backup codes to bypass 2FA

A new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on ...
SiliconANGLE

Newly detailed ‘Tycoon 2FA’ phishing kit bypasses multifactor authentication

Cybersecurity researchers at Sekoia ApS’ Threat Detection & Research team are warning of a new phishing kit linked to the adversary-in-the-middle technique that is being utilized by multiple threat ...