E-Verify’s “SSN Lock” is Nothing of the Sort

Credit to Author: BrianKrebs| Date: Sat, 04 Jul 2020 22:24:14 +0000

One of the most-read advice columns on this site is a 2018 piece called “Plant Your Flag, Mark Your Territory,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration, the IRS and others before crooks do it for you. A key concept here is that these services only allow one account per Social Security number — which for better or worse is the de facto national identifier in the United States. But KrebsOnSecurity recently discovered that this is not the case with all federal government sites built to help you manage your identity online. A reader who was recently the victim of unemployment insurance fraud said he was told he should create an account at the Department of Homeland Security’s myE-Verify website, and place a lock on his Social Security number (SSN) to minimize the chances that ID thieves might abuse his identity for employment fraud in the future.

Read more

Turn on MFA Before Crooks Do It For You

Credit to Author: BrianKrebs| Date: Fri, 19 Jun 2020 19:19:10 +0000

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident.

Read more

Patch Tuesday Lowdown, October 2019 Edition

Credit to Author: BrianKrebs| Date: Wed, 09 Oct 2019 06:00:58 +0000

On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it’s a relatively light patch batch this month. Here’s a look at the highlights.

Read more

Spam In your Calendar? Here’s What to Do.

Credit to Author: BrianKrebs| Date: Tue, 03 Sep 2019 18:56:07 +0000

Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working. But periodically they circle back to old tricks, and few spam trends are as perennial as calendar spam, in which invitations to click on dodgy links show up unbidden in your digital calendar application from Apple, Google and Microsoft. Here’s a brief primer on what you can do about it.

Read more

What You Should Know About the Equifax Data Breach Settlement

Credit to Author: BrianKrebs| Date: Mon, 22 Jul 2019 19:27:11 +0000

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity.

Read more

Caution: Misuse of security tools can turn against you

Credit to Author: Vasilios Hioureas| Date: Thu, 11 Jul 2019 17:34:57 +0000

If not implemented correctly, the very security tools we use to keep our information private may actually cause data leaks themselves. We outline a few cases and provide suggestions for researchers and security admins.

Categories:

Tags:

(Read more…)

The post Caution: Misuse of security tools can turn against you appeared first on Malwarebytes Labs.

Read more

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Credit to Author: BrianKrebs| Date: Fri, 28 Jun 2019 18:01:53 +0000

It might be difficult to fathom how this isn’t already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Microsoft Azure and Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.

Read more