How effective are login challenges at preventing Google account takeovers?
Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. …
Google offers free replacement for buggy Titan Security Keys
Misconfigured Bluetooth pairing protocols in Google’s Titan Security Keys may allow attackers to communicate with users’ security key or with the device their key …
PSD2 and strong customer authentication: Are all elements equal?
The European Payment Services Directive 2 (PSD2), introduced in January 2018, contains the requirement for additional security features for certain online transactions. These …
Google introduces many G Suite security enhancements
Last week, the big news from Google Cloud Next 2019 was that phones running Android 7.0 or higher can be turned into a security key for G Suite account 2-step verification. …
G Suite admins can now disable SMS and voice 2FA
G Suite administrators can now prevent enterprise users from using SMS and voice codes as their second authentication/verification factor for accessing their accounts. The …
Mitigating the risk of Office 365 account hijacking
Office 365 – the online, subscription-based version of Microsoft’s Office application suite – is one the most widely used enterprise cloud applications/services, …
Listening-Watch: Strong, low-effort, wearable 2FA scheme
Passwords are still the preferred online authentication method because they are easy to use, but they are increasingly not enough to keep our accounts secure. To mitigate the …
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
Theft of user accounts on cryptocurrency exchanges is soaring
Within a year, the number of data leaks from cryptocurrency exchanges soared by 369%, Group-IB researchers have found, and the US, Russia and China are the countries where …
Reddit suffers data breach despite using SMS-based 2FA
Popular social news aggregation and discussion website Reddit has suffered a breach. The attacker broke into some of its systems and got access to some user data, but did not …
Facebook now supports 2FA via authenticator apps
Facebook has good news for users who wish to secure their accounts with two-factor authentication but aren’t comfortable sharing their phone number with the social …
Malware leverages web injects to empty users’ cryptocurrency accounts
Criminals trying to get their hands on victims’ cryptocurrency stashes are trying out various approaches. The latest one includes equipping malware with …
Featured news
Sponsored
Don't miss
- Most people still rely on memory or pen and paper for password management
- What AI can tell organizations about their M&A risk
- Breaking down the numbers: Cybersecurity funding activity recap
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity