Never share verification codes
Credit to Author: Alex Perekalin| Date: Tue, 22 May 2018 09:31:32 +0000
Here’s how scammers try to phish for verification codes — and what may happen if you send them one.
Read moretwo-factor authentication
A week in security (May 7 – May 13)
Credit to Author: Malwarebytes Labs| Date: Mon, 14 May 2018 17:18:24 +0000
 |
|
| A roundup of security news from May 7 – May 13, including a new zero-day for Internet Explorer, a Netflix phishing scam, a worm found in Facebook’s Messenger, and more.
Categories: Tags: 7zipfacebookfake android avHTTPSjavascript excelJS excelkuik adwaremicrosoftmicrosoft excelnetflix phishnigerian scamshopper stop tech scamsignaltech support scamtwo-factor authenticationvulnerability |
The post A week in security (May 7 – May 13) appeared first on Malwarebytes Labs.
Read moreTransatlantic Cable podcast, episode 21
Credit to Author: Jeffrey Esposito| Date: Fri, 26 Jan 2018 12:26:37 +0000
In this week’s edition of Kaspersky Lab’s podcast, Jeff and Dave discuss a vulnerability in Sonic the Hedgehog, a woman who has a habit of sneaking onto flights and more.
Read moreCybersecurity New Year’s resolutions, you say? Why not.
Credit to Author: Jovi Umawing| Date: Fri, 19 Jan 2018 16:00:00 +0000
 |
|
| It’s no surprise that our resolutions are usually about health, finances, relationships, and self-improvement. As all of us live digital lives, too, why not think up cybersecurity New Year’s resolution that concern our online health and safety?
Categories: Tags: cybercybersecuritycybersecurity resolutionsHTTPSnew year’s resolutiontwo-factor authentication |
The post Cybersecurity New Year’s resolutions, you say? Why not. appeared first on Malwarebytes Labs.
Read moreWhy two-factor authentication is not enough
Credit to Author: Alex Perekalin| Date: Fri, 19 May 2017 13:00:54 +0000
How messages with confirmation codes from banks are intercepted and what can you do to protect yourself.
Read moreFraudsters Exploited Lax Security at Equifax’s TALX Payroll Division
Credit to Author: BrianKrebs| Date: Thu, 18 May 2017 20:23:13 +0000
Identity thieves who specialize in tax refund fraud had big help this past tax year from Equifax, one of the nation’s largest consumer data brokers and credit bureaus. The trouble stems from TALX, an Equifax subsidiary that provides online payroll, HR and tax services. Equifax says crooks were able to reset the 4-digit PIN given to customer employees as a password and then steal W-2 tax data after successfully answering personal questions about those employees. In a boilerplate text sent to several affected customers, Equifax said the unauthorized access to customers’ employee tax records happened between April 17, 2016 and March 29, 2017. Beyond that, the extent of the fraud perpetrated with the help of hacked TALX accounts is unclear, and Equifax refused requests to say how many consumers or payroll service customers may have been impacted by the authentication weaknesses.
Read moreSSA.GOV To Require Stronger Authentication
Credit to Author: BrianKrebs| Date: Wed, 10 May 2017 13:01:13 +0000
The U.S. Social Security Administration will soon require Americans to use stronger authentication when accessing their accounts at ssa.gov. As part of the change, SSA will require all users to enter a username and password in addition to a one-time security code sent their email or phone. In this post, we’ll parse this a bit more and look at some additional security options for SSA users.
Read moreFixing the Cell Network Flaw That Lets Hackers Drain Bank Accounts
Credit to Author: Lily Hay Newman| Date: Tue, 09 May 2017 12:00:44 +0000
Security researchers have warned about SS7 for years. Now that hackers have used it to rob banks, here’s how telecoms can finally fix it. The post Fixing the Cell Network Flaw That Lets Hackers Drain Bank Accounts appeared first on WIRED.
Read moreAmazon third party sellers: A new threat
Credit to Author: William Tsing| Date: Fri, 14 Apr 2017 15:00:06 +0000
 |
|
| On Monday, the Wall Street Journal reported a wave of hijacked Amazon seller accounts that proceeded to fleece buyers for large sums of money. As reported here, attackers would use credentials harvested from other breaches to take over the account, then either simply redirect funds to their own deposit account or create lots of fake…
Categories: Tags: amazonfraudleakpasswordscamtwo-factor authenticationWall Street JournalWSJ |
The post Amazon third party sellers: A new threat appeared first on Malwarebytes Labs.
Read moreHow to Protect Your iCloud Account, Juuust in Case Those Hackers Aren’t Joking
Credit to Author: Lily Hay Newman| Date: Sun, 26 Mar 2017 11:00:55 +0000
Hackers claim that they’ll wipe out hundreds of millions of iCloud accounts on April 7. Apple says there’s no breach. Here’s what to do in the meantime. The post How to Protect Your iCloud Account, Juuust in Case Those Hackers Aren’t Joking appeared first on WIRED.
Read morePhishing 101 at the School of Hard Knocks
Credit to Author: BrianKrebs| Date: Fri, 24 Mar 2017 16:03:21 +0000
A recent, massive spike in sophisticated and successful phishing attacks is prompting many universities to speed up timetables for deploying mandatory two-factor authentication (2FA) — requiring a one-time code in addition to a password — for access to student and faculty services online. This is the story of one university that accelerated plans to require 2FA after witnessing nearly twice as many phishing victims in the first two-and-half months of this year than it saw in all of 2015.
Read more