---
title: "LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02, 2026] | DuoCircle"
description: "LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-10-of-2026/"
---

Quick Answer

Week ending March 2, 2026 covered: a March 1 phishing campaign against LastPass users using display-name spoofing to imitate customer-support messages about unauthorized account activity, redirecting victims to a fake Single Sign-On page; an Amazon outage in the US with roughly 22,000 reports on Downdetector, suspected by users to be linked to a March 2 AWS Middle East infrastructure failure caused by physical damage to a UAE data center; a UK NCSC advisory urging organizations supplying Middle East companies to prepare for state-sponsored collateral attacks and sign up for the Early Warning Service; and a Europol-led takedown of the Tycoon 2FA Phishing-as-a-Service platform with Microsoft, Cloudflare, and Trend Micro, seizing 300+ malicious domains and arresting operators (Tycoon had run roughly 96,000 phishing attempts since 2023, sold for around $120, and bypassed MFA via fake login pages and AiTM tactics). The post recommends SPF, DKIM, and DMARC to limit spoofing.

LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News \[March 02, 2026\]

Your browser does not support the audio element.

[ Download episode](https://media.mailhop.org/duocircle/images/2026/03/LastPass-Users-Phished-Amazon-Down-US-UK-Cybersecurity-Boost---Cybersecurity-News-March-02-2026.mp3) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-10-of-2026%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=LastPass%20Users%20Phished%2C%20Amazon%20Down%20US%2C%20UK%20Cybersecurity%20Boost%2C%20Cybersecurity%20News%20%5BMarch%2002%2C%202026%5D&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-10-of-2026%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-10-of-2026%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-10-of-2026%2F&title=LastPass%20Users%20Phished%2C%20Amazon%20Down%20US%2C%20UK%20Cybersecurity%20Boost%2C%20Cybersecurity%20News%20%5BMarch%2002%2C%202026%5D "Share on Reddit") [ ](mailto:?subject=LastPass%20Users%20Phished%2C%20Amazon%20Down%20US%2C%20UK%20Cybersecurity%20Boost%2C%20Cybersecurity%20News%20%5BMarch%2002%2C%202026%5D&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-10-of-2026%2F "Share via Email") 

![cybersecurity news](https://media.mailhop.org/duocircle/images/2026/03/email-smtp-service-6670.jpg) 

Here are the top four cybersecurity news stories from this week that you should be aware of. LastPass users have been targeted by threat actors, while US Amazon users experienced a massive outage this Thursday. The NCSC has urged **UK enterprises to strengthen** their [cybersecurity](/) systems. Meanwhile, Europol has managed to disrupt the notorious [Tycoon 2FA phishing gang](https://thehackernews.com/2026/03/europol-led-operation-takes-down-tycoon.html).

## LastPass users fell prey to a phishing scam!

March has not been very **pleasant for LastPass users**. This password management tool was targeted by phishing actors on March 1\. The threat intelligence department at LastPass detected this new threat campaign. A group of threat actors had managed to impersonate LastPass customer support executives by sending [fake emails](https://www.darkreading.com/endpoint-security/6-4-billion-fake-emails-sent-each-day). 

The ultimate goal of these emails is to persuade the recipients to **share sensitive personal details**. The [threat actors](/email-security/what-threat-actor-can-do-with-your-emails-without-password/) successfully managed to impersonate LastPass’ internal messages. _These messages were mostly about unauthorized activity on accounts_.

They were following the traditional social engineering trick of creating a sense of fake urgency to compel victims to share their data.

The campaign involves the strategy of display-name spoofing. This means that in place of the original sender, the name of LastPass would appear to earn the trust of the victims. The email focuses on [suspicious activity](https://www.bloomberg.com/news/articles/2026-03-05/fbi-found-suspicious-activity-on-its-computer-networks) and urges recipients to **take immediate action**. These emails include malicious links that would redirect the victims to a [fake Single Sign-On page](https://www.techradar.com/pro/security/massive-identity-theft-campaign-targeting-okta-single-sign-on-at-over-100-top-businesses-make-sure-your-firm-stays-safe). 

[![LastPass Phishing Scam Alert](https://media.mailhop.org/duocircle/images/2026/03/SPF-record-checker-4377.jpg)](https://media.mailhop.org/duocircle/images/2026/03/SPF-record-checker-4377.jpg)

Ever since the cyber incident, LastPass has been working closely with **third-party partners** to identify the real culprits. However, it has also issued an advisory for all its users and has requested them to stay vigilant and practice cyber hygiene.

## E-commerce platform Amazon is down for US users, is it a cyberattack?

Thousands of Amazon users in the US were affected this Thursday as the e-commerce platform was down. **Online outage-tracking tools** like Downdetector confirmed that as many as 22,000 outage instanceshave already been reported.

Users are facing issues such as difficulty checking out, logging in, or even browsing products of their choice. **Social media platforms** are rife with claims that [Amazon was hacked](https://www.bleepingcomputer.com/news/technology/amazon-drone-strikes-damaged-aws-data-centers-in-middle-east/) amid the Middle East tensions. Some users believe it is part of cyber warfare.

Amazon has been tight-lipped and shared no confirmation around the hacking claim. They have not shared the exact reason for the **outage either**.

However, Amazon Web Series suffered a major infrastructure failure in the **Middle East region on March 2**. This physical damage led to a widespread outage that affected networking, storage services, and EC2 instances. 

[![Amazon Outage Spike](https://media.mailhop.org/duocircle/images/2026/03/spf-record-4378.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-record-4378.jpg)

Authorities have claimed that a fire at a UAE data center was caused by an external object striking the facility, disrupting the **primary power and backup generators**. 

Experts believe that the physical damage can be followed by [cyberattacks](https://www.cnbc.com/2026/03/03/iran-cisa-cybersecurity-war-threat.html) and have urged authorities to stay vigilant and proactive. 

Users strongly believe that there’s a connection between the Middle East AWS physical damage and the latest Amazon outage incident in the US. There is no information available on when Amazon will be up and working again in the US.

## UK organizations bolster cybersecurity systems under the observation of NCSC

_The ongoing conflict in the Middle East has created ripples across the global cybersecurity landscape_. Although there’s currently no direct connection between regional tensions and the UK cybersecurity ecosystem, the [NCSC (National Cyber Security Centre)](https://en.wikipedia.org/wiki/National%5FCyber%5FSecurity%5FCentre%5F%28United%5FKingdom%29) has urged UK organizations to be vigilant and take necessary action.

Given the speed at which regional tensions are escalating, NCSC believes that UK-based organizations and entities that form part of the supply chain distribution network for **Middle East companies** can be extremely vulnerable. Experts believe that it is highly likely for state-sponsored threat actors to target UK enterprises as part of cyber warfare.

[![UK NCSC Security Warning](https://media.mailhop.org/duocircle/images/2026/03/spf-record-check-4379.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-record-check-4379.jpg)

NCSC has urged UK organizations to bolster their cybersecurity mechanisms immediately. Keeping a close eye on the external attack surface is also recommended. These enterprises have also been **advised to start prepping** for responding to any collateral impacts instigated by the [state-sponsored hacktivists](https://www.scworld.com/news/state-sponsored-hacktivist-activity-poised-to-have-a-banner-year).

UK organizations will also be signing up for the **Early Warning Service by NCSC** in order to receive real-time notifications in case of any cybersecurity mishap. 

## Tycoon 2FA phishing services infrastructure dismantled by Europol!

Europol has finally managed to take down the [IT infrastructure](https://www.ibm.com/think/topics/infrastructure) of Tycoon 2FA. They have been operating as a **Phishing-as-a-Service platform** since 2023\. So far, Tycoon has managed to target millions of global internet users. 

Europol is known for its efficacy in battling organized cybercrime. _This time, it joined hands with renowned tech giants like Microsoft, Cloudflare, and Trend Micro_. This successful operation by Europol resulted in the closure of over [300](https://www.cybersecurity-insiders.com/europol-seizes-tycoon-2fa-phishing-service-infrastructure-in-coordinated-operation/) malicious domains. These domains were being used by the Tycoon gang to host [fake login pages](https://www.malwarebytes.com/blog/news/2025/11/attackers-are-using-sneaky-2fa-to-create-fake-sign-in-windows-that-look-real). These pages are generally designed to impersonate big industry names. They trick the victims into entering sensitive data like **login credentials and authentication codes**. Dismantling these fake domains means significantly curbing the PaaS platform’s ability to run further malicious campaigns.

[![cybersecurity news](https://media.mailhop.org/duocircle/images/2026/03/smtp-service-5676.jpg)](https://media.mailhop.org/duocircle/images/2026/03/smtp-service-5676.jpg)

The **CIEP or Cyber Intelligence Extension Programme** conducted this crucial operation against Tycoon. The investigators involved in the operation successfully seized the same servers that were used to power the phishing infrastructure. They have also been able to detect and apprehend the threat actors who are believed to be directly a part of the PaaS ecosystem. 

This operation by Europol once again reminds us of the fact that global coordination between **private technology firms** and law enforcement agencies can effectively curb intricate cybercrime ecosystems.

Implementing [SPF](/content/sender-policy-framework), [DKIM](/resources/what-is-dkim), and [DMARC](/resources/what-is-dmarc) helps protect email systems from spoofing, phishing, and unauthorized senders.

_Tycoon 2FA used to offer phishing services and associated tools to interested threat actors at an extremely low fee (approximately $120)_. With the help of these tools, cybercriminals could easily bypass [MultiFactor Authentication](https://www.techtarget.com/searchsecurity/definition/multifactor-authentication-MFA) systems by **evading security setups** like SMS verification codes and authenticator app tokens. Also, Tycoon 2FA used to operate on a large scale and had managed to carry out a whopping 96,000 phishing attempts in just three years.

## Topics

cyber securityDKIMDMARCNewsSecurityspfUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 6m  Vapor Apps Malware, Coinbase Phishing Scam, Medusa Ransomware Attack , Cybersecurity News \[March 17, 2025\]  Mar 24, 2025 ](/blog/announcements/cyber-security-news-update-week-13-of-2025/)[  News 6m  PowerSchool Data Extortion, Cellcom Cyberattack Confirmed, Hackers Exploit Gaps, Cybersecurity News \[May 19, 2025\]  May 26, 2025 ](/blog/announcements/cyber-security-news-update-week-22-of-2025/)[  News 6m  GitHub Backdoor Threat, Cartier Data Breach, Fake RubyGems Steal, Cybersecurity News \[June 02, 2025\]  Jun 9, 2025 ](/blog/announcements/cyber-security-news-update-week-24-of-2025/)[  News 6m  Lumma Infostealer Returns, Coyote Malware Exploits, Interlock Ransomware Alert, Cybersecurity News \[July 21, 2025\]  Jul 28, 2025 ](/blog/announcements/cyber-security-news-update-week-31-of-2025/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02, 2026]","description":"LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-10-of-2026/","datePublished":"2026-03-09T14:20:08.000Z","dateModified":"2026-03-10T17:24:54.000Z","dateCreated":"2026-03-09T14:20:08.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-10-of-2026/"},"articleSection":"announcements","keywords":"cyber security, DKIM, DMARC, News, Security, spf, Updates","wordCount":1004,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/03/email-smtp-service-6670.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02, 2026]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-10-of-2026/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02, 2026]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-10-of-2026/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02, 2026]","description":"LastPass Users Phished, Amazon Down US, UK Cybersecurity Boost, Cybersecurity News [March 02.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-10-of-2026/","datePublished":"2026-03-09T14:20:08.000Z","dateModified":"2026-03-10T17:24:54.000Z","dateCreated":"2026-03-09T14:20:08.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-10-of-2026/"},"articleSection":"announcements","keywords":"cyber security, DKIM, DMARC, News, Security, spf, Updates","wordCount":1004,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/03/email-smtp-service-6670.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```