Archive for the ‘2FA’ Category

How social media scammers buy time to steal your 2FA codes

Phishing scams that try to trick you into putting your real password into a fake site have been around for decades. As regular Naked Security readers will know, precautions such as using a password manager and turning on two-factor authentication (2FA) can help to protect you against phishing mishaps, because: Password managers associate usernames and […]

Leave a Comment

Box flaw allowed to bypass MFA and takeover accounts

A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed attackers to take over accounts without having access to the victim’s phone, Varonis researchers reported. Box develops and markets cloud-based content management, collaboration, and file-sharing tools for businesses. The platform supports 2FA based on an authenticator application or SMSs. Varonis Threat Labs researchers disclosed the vulnerability […]

Leave a Comment

How MFA Can Help Prevent Data Breaches

The Current Authentication Landscape To authenticate a user means to verify that the user is genuine. Classically, the way to authenticate a user is to request their login credentials and ensure those credentials match the credentials stored in your directory service or authentication server. The full history and background of authentication is more complex, but that’s the […]

Leave a Comment

Problems with Multifactor Authentication

Leave a Comment

THE FULL STORY OF THE 2011 RSA HACK CAN FINALLY BE TOLD

THE FULL STORY OF THE 2011 RSA HACK CAN FINALLY BE TOLD – Wired

Leave a Comment

Using IAM Solutions to Beat Deepfakes and Fraud

AI and ML technologies have made great strides in helping organizations with cybersecurity, as well as with other tasks like chatbots that help with customer service. Cybercriminals have also made great strides in using AI and ML for fraud. “Today, fraud can happen without stealing someone else’s identity because fraudsters can create ‘synthetic identities’ with […]

Leave a Comment

Credential stuffing attack hit RIPE NCC: Members have to enable 2FA

RIPE NCC announced to have suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts. The RIPE NCC is a not-for-profit membership association, a Regional Internet Registry and the secretariat for the RIPE community supporting the Internet through technical coordination. It has over 20,000 members from over 75 countries who act as Local […]

Leave a Comment

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys via The Hacker News

Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication (2FA) device can clone it by exploiting an electromagnetic side-channel in the chip embedded in […]

Leave a Comment

Remember the Titans: Yubico jangles new NFC and USB-C touting security key

Apple crowd included – as NFC can now be used for something other than Apple Pay Apple crowd included – as NFC can now be used for something other than Apple Pay Security token biz Yubico has a new key out today, its latest-generation two-factor encryption (2FA) authentication unit, the Yubico 5C NFC, which includes […]

Leave a Comment

Two-factor authentication: A cheat sheet

A password alone will not protect sensitive information from hackers–two-factor authentication is also necessary. Here’s what security pros and users need to know about two-factor authentication. Source: Two-factor authentication: A cheat sheet  Subscribe in a reader

Leave a Comment

Google’s most secure logon system now works on Firefox and Edge, not just Chrome

Better hardware security key support means our post-password future is one step closer to reality. Source: Google’s most secure logon system now works on Firefox and Edge, not just Chrome Subscribe to DISC InfoSec blog by Email

Leave a Comment

How to set up two-factor authentication on all your online accounts

2FA is an important step in preventing your account from being accessed by unauthorized users — here’s how to enable 2FA on your accounts across the web. Source: How to set up two-factor authentication on all your online accounts  

Leave a Comment