2fa – Page 6 – PossibleThreat Articles

Twitter used 2FA phone numbers for targeted advertising

October 10, 2019 0 Comments 2-factor Authentication, 2fa, facebook, login verification, PII, Privacy, SMS, social media, Social networks, tailored audiences, twitter

Credit to Author: John E Dunn| Date: Thu, 10 Oct 2019 11:44:31 +0000

Twitter may have “inadvertently” handed phone and email data from some users to advertisers as part of its Tailored Audiences system that targets users’ feeds with ads.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/28JZN9DLRbI” height=”1″ width=”1″ alt=””/>

Security Sophos

“Influencers” de YouTube obtienen tokens 2FA con phishing

October 7, 2019 0 Comments 2fa, actualidad, autenticación, redes sociales, youtube

Credit to Author: Naked Security| Date: Wed, 25 Sep 2019 10:22:04 +0000

Una ola de secuestros de cuentas de YouTubers atacó a usuarios de alto perfil, muchos de ellos en la comunidad de auto-tuning y reseñas de automóviles, a pesar de estar algunos de ellos protegidos por la autenticación de dos factores (2FA), informó ZDNet. . Catalin Cimpanu de ZDNet publicó enlaces a docenas de publicaciones de […]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/54RUipL5BQw” height=”1″ width=”1″ alt=””/>

Security Sophos

YouTube ‘influencers’ get 2FA tokens phished

September 24, 2019 0 Comments 2-factor Authentication, 2fa, account hijacking, Google, modlishka, otp, reverse proxy toolkit, security threats, Social networks, titan, two-factor authentication, u2f, youtube, yubico

Credit to Author: Lisa Vaas| Date: Tue, 24 Sep 2019 14:50:29 +0000

100K or so creators in the YouTube car community were targeted by a phishing campaign that captured 2FA codes.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/G-FEjS09n3I” height=”1″ width=”1″ alt=””/>

Security Sophos

Instagram phish poses as copyright infringement warning – don’t click!

September 24, 2019 0 Comments 2fa, Instagram, phishing

Credit to Author: Paul Ducklin| Date: Tue, 24 Sep 2019 09:26:39 +0000

Your Instagram account has value to the crooks – so they’re coming up with some cunning tricks to get at your passsword.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Gsj6ZQF0XFA” height=”1″ width=”1″ alt=””/>

Security Sophos

Google fixes Chromebook 2FA flaw in ‘built-in security key’

September 16, 2019 0 Comments 2-factor Authentication, 2fa, chrome os, chromebook, fido u2f, Google, security threats, Technologies, two-factor authentication, u2f, vulnerability

Credit to Author: John E Dunn| Date: Mon, 16 Sep 2019 11:35:33 +0000

Google has discovered a flaw in a Chromebook security feature which allows owners to press their device’s power button to initiate U2F 2FA.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/wxhr_hHEAl8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Twitter turns off SMS texting after @Jack hijacking

September 6, 2019 0 Comments @jack, 2-factor Authentication, 2fa, account hijack, account hijacking, Celebrities, Hacked, Jack Dorsey, MFA, security threats, SIM swaps, SMS, Social networks, twitter

Credit to Author: Lisa Vaas| Date: Fri, 06 Sep 2019 09:41:13 +0000

Two problems, Twitter says: vulnerabilities that mobile carriers need to fix & its reliance on linked numbers for 2FA.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/2v_2dm33u_g” height=”1″ width=”1″ alt=””/>

MalwareBytes Security

5 simple steps to securing your remote employees

September 4, 2019 0 Comments 2fa, approved device list, bring your own device, Business, byod, encryption, Find my iPhone, Find my Mobile, governance, IDG Connect, jailbreak, man-in-the-middle, man-in-the-middle attack, multi-factor authentication, passcode, password, public Wi-Fi, RBAC, remote, remote employees, remote wiping, remote workforce, role-based access control, single sign-on, sso, two-factor authentication, vpn

Credit to Author: David Ruiz| Date: Wed, 04 Sep 2019 14:06:26 +0000

Modern businesses require modern cybersecurity, and modern cybersecurity means more than just implementing the latest tech. It also means implementing good governance.

Categories:

Business

Tags: 2fa approved device list bring your own device byod encryption Find my iPhone Find my Mobile governance IDG Connect jailbreak man-in-the-middle man-in-the-middle attack multi-factor authentication passcode password public Wi-Fi RBAC remote remote employees remote wiping remote workforce role-based access control single sign-on sso two-factor authentication vpn

(Read more…)

The post 5 simple steps to securing your remote employees appeared first on Malwarebytes Labs.

MalwareBytes Security

TrickBot adds new trick to its arsenal: tampering with trusted texts

September 3, 2019 0 Comments 2fa, account takeover fraud, ATO, Authy, C&C, Dell Secureworks, dynamic webinject, dyreza, emotet, Eternal Romance, EternalBlue, EternalChampion, Gold Blackburn, Google Authenticator, hasherezade, point-of-sale, port-out fraud, POS, SIM hijacking, SIM swapping, Sprint, T-Mobile, thetrick, trickbot, trickloader, trickster, Trojan.TrickBot, Trojans, two-factor authentication, Verizon Wireless

Credit to Author: Jovi Umawing| Date: Tue, 03 Sep 2019 15:26:01 +0000

TrickBot’s latest feature allows it to tamper with the web sessions of users from Verizon, T-Mobile, and Sprint mobile carriers.

Categories:

Trojans

Tags: 2fa account takeover fraud ATO Authy C&C Dell Secureworks dynamic webinject dyreza emotet Eternal Romance EternalBlue EternalChampion Gold Blackburn Google Authenticator hasherezade point-of-sale port-out fraud POS SIM hijacking SIM swapping Sprint T-Mobile thetrick trickbot trickloader trickster Trojan.TrickBot two-factor authentication Verizon Wireless

Independent Krebs

The Risk of Weak Online Banking Passwords

August 27, 2019 0 Comments 2fa, Aite Group, alex holden, Alissa Knight, Brian Costello, Financial Data Exchange, Hold Security, Latest Warnings, Mint, Paypal, Plaid, The Coming Storm, YNAB, Yodlee, Zelle

Credit to Author: BrianKrebs| Date: Mon, 05 Aug 2019 14:04:27 +0000

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint, Plaid, Yodlee, YNAB and others to surveil and drain consumer accounts online.

Security Sophos

Court squeezes $1 million back from convicted phisher

August 27, 2019 0 Comments 2-factor Authentication, 2fa, Alpha bay, Courvoisier, cryptocurrency, dark web, data loss, Grant West, Law & order, MFA, Operation Draba, password reuse, passwords, phishing, security threats, strong passwords

Credit to Author: Lisa Vaas| Date: Tue, 27 Aug 2019 09:56:31 +0000

Prolific phishing scammer Grant West has been sentenced to 10 years, 8 months, and reimbursement for victims.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/sHYkSkwLCAs” height=”1″ width=”1″ alt=””/>