2fa

MalwareBytes Security 

Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge

January 21, 2019 admin 0 Comments 2fa, 2FA modlishka, Amnesty International, CERTFA, cybercrime, defeat 2FA, mantis, modlishka, password manager, PGP, Social engineering, the return of charming kitten, totp, two-factor authentication

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Jan 2019 16:15:30 +0000

While many tech-savvy folks are familiar with two-factor authentication (2FA), more are unaware that there are several ways around it. A tactic called Modlishka, the English pronunciation for the Polish word for “mantis,” is the latest in this list. Categories: Cybercrime Social engineering Tags: 2fa2FA modlishkaAmnesty InternationalCERTFAdefeat 2FAmantismodlishkapassword managerPGPSocial Engineeringthe return of charming kittentotptwo-factor authentication (Read more…)

The post Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

A week in security (January 7 – 13)

January 14, 2019 admin 2fa, Android, Ars Technica, Bloomberg, Data Security, Deletion, Facebook, Hacker One, hackers, Help Net Security, Naked Security, PA Daily post, Password reuse, passwords, pentest, ransom, ransomware, rogue apps, ryuk, Ryuk Ransomware, Security world, Trend Micro, USA Today, Vietnam, Vietnam News, Week in security

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Jan 2019 16:45:37 +0000

A roundup of last week’s security news from January 7 to 13, including breaches, takedowns, bug fixes, and social media issues. Categories: Security world Week in security Tags: 2faAndroidArs TechnicaBloombergdata securityDeletionfacebookHacker OnehackersHelp Net SecurityNaked SecurityPA Daily postPassword reusepasswordspentestransomransomwarerogue appsryukRyuk ransomwareTrend MicroUSA TodayVietnamVietnam News (Read more…)

The post A week in security (January 7 – 13) appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

Australia’s Early Warning Network compromised

January 7, 2019 admin 2fa, compromise, cybercrime, danger, early warning network, early warning system, email, login, Pagasa, Phivolcs, phonemail, privacy, sms, two-factor authentication, Weather

Credit to Author: Christopher Boyd| Date: Mon, 07 Jan 2019 17:59:03 +0000

An Australian Early Warning System notifying subscribers of severe weather alerts was compromised over the weekend, with messages sent across a variety of formats. What did the hackers get up to? And why did they do it? Categories: Cybercrime Privacy Tags: 2facompromisedangerearly warning networkearly warning systememailloginPAGASAPHIVOLCSphonemailsmstwo-factor authenticationweather (Read more…)

The post Australia’s Early Warning Network compromised appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

Humble Bundle alerts customers to subscription reveal bug

December 4, 2018 admin 2-Step Verification, 2fa, breach, bug, cybercrime, games, Gaming, humble bundle, phish, phishing, Social engineering, spear phishing, two-factor authentication, video games

Credit to Author: Christopher Boyd| Date: Tue, 04 Dec 2018 17:20:27 +0000

Humble Bundle is sending emails to subscribers due to information being revealed by a bug. How bad it is? We take a look. Categories: Cybercrime Social engineering Tags: 2-Step Verification2fabreachbuggamesgaminghumble bundlephishphishingspear phishingtwo-factor authenticationvideo games (Read more…)

The post Humble Bundle alerts customers to subscription reveal bug appeared first on Malwarebytes Labs.

Read more

Kaspersky Security 

Why you should never reuse passwords

December 4, 2018 admin 2fa, password manager, passwords, Story, Tips, two-factor authentication

Credit to Author: Alex Perekalin| Date: Tue, 04 Dec 2018 08:42:34 +0000

Designer Mark used the same password for all of his accounts — and lived to regret it. Here’s his story.

Read more

MalwareBytes Security 

Business email compromise scam costs Pathé $21.5 million

November 19, 2018 admin 2fa, authentication, bec, Business Email Compromise, CEO, CFO, cybercrime, mfa, pathe, phish, SCAM, Social engineering, two-factor authentication

Credit to Author: Christopher Boyd| Date: Mon, 19 Nov 2018 16:00:23 +0000

Recently released court documents show European-based cinema chain Pathé lost a small fortune to a business email compromise (BEC) scam in March 2018. The attack cost the company $21.5 million—that’s 10 percent of its total earnings. Learn how to avoid BEC scams and keep your company in the black. Categories: Cybercrime Social engineering Tags: 2faauthenticationbecBusiness Email CompromiseCEOCFOmfapathephishscamtwo-factor authentication (Read more…)

The post Business email compromise scam costs Pathé $21.5 million appeared first on Malwarebytes Labs.

Read more

Kaspersky Security 

SMS-based two-factor authentication is not safe — consider these alternative 2FA methods instead

October 16, 2018 admin 2fa, authenticators, privacy, Tips, two-factor authentication, U2F

Credit to Author: Alex Drozhzhin| Date: Tue, 16 Oct 2018 13:50:18 +0000

Why SMS isn’t the best choice for two-factor authentication, and what alternative types of 2FA you should consider.

Read more

MalwareBytes Security 

A week in security (September 10 – 16)

September 17, 2018 admin 2fa, a week in security, Android, android browser, banking Trojan, banking trojans, botnets, hmrc phish, microsoft, omnichannel fraud, phishing, portable router, Project Verify, ram nit, Ramnit Trojan, ransomware, recap, recon malware, Scammer, security of portable router, Security world, tech support scam, tech support scams, Tor, Trojan, two-factor authentication, Week in security, weekly blog roundup

Credit to Author: Malwarebytes Labs| Date: Mon, 17 Sep 2018 15:56:14 +0000

A roundup of the security news from September 10–16, including omnichannel fraud, ways to get back at scammers, the security of 2FA, and partnerstrokas. Categories: Security world Week in security Tags: 2faa week in securityAndroidandroid browserbanking Trojanbanking Trojansbotnetshmrc phishmicrosoftomnichannel fraudphishingportable routerproject verifyram nitRamnit Trojanransomwarerecaprecon malwarescammersecurity of portable routertech support scamtech support scamstortrojantwo-factor authenticationweekly blog roundup (Read more…)

The post A week in security (September 10 – 16) appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

Is two-factor authentication (2FA) as secure as it seems?

September 14, 2018 admin 101, 2fa, biometrics, brute force, Facebook, fake login, FYI, mfa, multi-factor authentication, Password reset, phishing, Social engineering, third-party login, totp, two-factor authentication

Credit to Author: Pieter Arntz| Date: Fri, 14 Sep 2018 15:00:00 +0000

Two factor authentication (2fa) was introduced to enhance login security, but does it always work as advertised? Or can it be bypassed? Categories: 101 FYI Tags: 2fabiometricsbrute forcefacebookfake loginmfamulti-factor authenticationpassword resetphishingSocial Engineeringthird-party logintotptwo-factor authentication (Read more…)

The post Is two-factor authentication (2FA) as secure as it seems? appeared first on Malwarebytes Labs.

Read more

Kaspersky Security 

Making two-factor authentication much stronger in two easy steps

September 12, 2018 admin 2fa, Advice, Android, iOS, iPhone, smartphones, Tips, two-factor authentication

Credit to Author: Sarah Pike| Date: Wed, 12 Sep 2018 14:18:31 +0000

Speaking of two-factor authentication — as we often do — did you know some convenient settings render it utterly useless? Let’s do it right.

Read more

Kaspersky Security 

Hijacking online accounts through voicemail

August 17, 2018 admin 2fa, black hat, blackhat, def con, DEF CON 26, hacking, news, online services, Paypal, Threats, two-factor authentication, voicemail, WhatsApp

Credit to Author: Alex Drozhzhin| Date: Fri, 17 Aug 2018 15:50:43 +0000

When it comes to online accounts, voicemail is a major security hole. Here’s why.

Read more