Twitter 2FA phone numbers “inadvertently” used for advertising purposes
Twitter’s Support account published the following announcement on Tuesday: We recently found that some email addresses and phone numbers provided for account security …
account protection
Microsoft: Any form of MFA takes users out of reach of most attacks
The apparent ease with which SIM hijacking attacks are being perpetrated to get the targets’ second authentication factor for crucial accounts (online banking, …
Google adds Password Checkup feature to Google Accounts, Chrome
The popularity of Google’s Password Checkup Chrome extension has spurred the company to build the technology into Google Account’s Password Manager and the Chrome …
As consumers engage with insurance companies online, new types of digital fraud emerge
As more U.S. consumers use digital platforms when engaging with insurance companies, new fraud challenges are likely to arise for insurance carriers, according to TransUnion …
Fraudsters no longer operate in silos, they are attacking across industries and organizations
From January 2019 through June 2019, LexisNexis Risk Solutions recorded 16.4 billion transactions, of which 277 million were human-initiated attacks, a 13% increase over the …
GitHub announces wider array of 2FA options, including security keys and biometrics
GitHub has started supporting the Web Authentication (WebAuthn) web standard, allowing users to use security keys for two-factor authentication with a wide variety of browsers …
G Suite news: Anomalous alert activity for Google Drive, Advanced Protection for enterprise users
Google is rolling out new security options for G Suite users and admins, aimed at alerting organizations about data exfiltration attempts on Google Drive and helping them …
Google has been storing unhashed G Suite customer passwords
Google has discovered that it has been storing some G Suite users’ passwords in clear text and is notifying G Suite administrators that it will force a password change …
How effective are login challenges at preventing Google account takeovers?
Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. …
Google offers free replacement for buggy Titan Security Keys
Misconfigured Bluetooth pairing protocols in Google’s Titan Security Keys may allow attackers to communicate with users’ security key or with the device their key …
Despite warnings, most people still don’t change their passwords
64% of people use the same password for some, or even all, of their online accounts, while only 21% use a different password for each account. These startling findings come …
Indicators of poor password hygiene exposed
The recovered compromised credentials and personally identifiable information (PII) as well as the identified trends in online security habits and the data criminals tend to …