Multi-Factor Authentication (MFA)

Microsoft seizes websites tied to Egypt-based DIY phishing kit-maker

Posted on November 21, 2024 by Tim Starks

The kits, which the company said were a sophisticated approach to bypassing multifactor authentication, pose a particular threat to the financial services sector.

The post Microsoft seizes websites tied to Egypt-based DIY phishing kit-maker appeared first on CyberScoop.

Continue reading Microsoft seizes websites tied to Egypt-based DIY phishing kit-maker→

Threat awareness, cloud security, quantum computing among chief agency cyber policy priorities ahead

Posted on October 30, 2024 by Tim Starks

The interim Federal Chief Information Security Officer spelled out some 2025 agenda items for feds at CyberTalks.

The post Threat awareness, cloud security, quantum computing among chief agency cyber policy priorities ahead appeared first on CyberScoop.

Continue reading Threat awareness, cloud security, quantum computing among chief agency cyber policy priorities ahead→

Agencies face ‘inflection point’ ahead of looming zero-trust deadline, CISA official says

Posted on October 30, 2024 by mbracken

Shelly Hartsook said she’s seen promising data on implementation of security protocols ahead of next week’s due date for agencies to submit updated plans.

The post Agencies face ‘inflection point’ ahead of looming zero-trust deadline, CISA official says appeared first on CyberScoop.

Continue reading Agencies face ‘inflection point’ ahead of looming zero-trust deadline, CISA official says→

CISA sees elimination of ‘bad practices’ as next secure-by-design step

Posted on October 28, 2024 by mbracken

Officials at the cyber agency are doubling down on shifting the security onus to software makers.

The post CISA sees elimination of ‘bad practices’ as next secure-by-design step appeared first on CyberScoop.

Continue reading CISA sees elimination of ‘bad practices’ as next secure-by-design step→

Iranian hackers are going after critical infrastructure sector passwords, agencies caution

Posted on October 16, 2024 by Tim Starks

An international advisory says that the purpose of the “brute force” attacks is to sell the info to cybercrime forums.

The post Iranian hackers are going after critical infrastructure sector passwords, agencies caution appeared first on CyberScoop.

Continue reading Iranian hackers are going after critical infrastructure sector passwords, agencies caution→

WordPress.org to require two-factor authentication for plugin developers

Posted on September 11, 2024 by Christian Vasquez

The requirement begins Oct. 1. and would apply to plugin and theme authors.

The post WordPress.org to require two-factor authentication for plugin developers appeared first on CyberScoop.

Continue reading WordPress.org to require two-factor authentication for plugin developers →

Moroccan cybercrime group impersonates nonprofits and abuses cloud services to rake in gift card cash

Posted on May 23, 2024 by AJ Vicens

Microsoft researchers say the group, tracked as Storm-0539 or Atlas Lion, targets employees with major U.S. retailers who control gift card operations.

The post Moroccan cybercrime group impersonates nonprofits and abuses cloud services to rake in gift card cash appeared first on CyberScoop.

Continue reading Moroccan cybercrime group impersonates nonprofits and abuses cloud services to rake in gift card cash→

Dozens of tech companies pledge to build safer, more secure tech

Posted on May 9, 2024 by mbracken

The commitments are voluntary, but CISA officials said they are committed to measuring progress by the signatories across key commitments over the next year.

The post Dozens of tech companies pledge to build safer, more secure tech appeared first on CyberScoop.

Continue reading Dozens of tech companies pledge to build safer, more secure tech→