security keys – WindowsTechs.com

GitHub Touts 2FA Adoption Success, Looks Ahead to Further Adoption

Posted on April 24, 2024 by Paul Thurrott

GitHub today revealed that its initiative to get users to enable one or more forms of two-factor authentication (2FA) by the end of 2023 has been hugely successful.
The post GitHub Touts 2FA Adoption Success, Looks Ahead to Further Adoption appeared fi… Continue reading GitHub Touts 2FA Adoption Success, Looks Ahead to Further Adoption→

Tip: Use Passkeys With Your Microsoft Account

Posted on January 2, 2024 by Paul Thurrott

Windows 11 version 23H2 natively supports passkeys, a modern and secure passwordless technology that lets you sign in to your online accounts using Windows Hello.
The post Tip: Use Passkeys With Your Microsoft Account appeared first on Thurrott.com.
Continue reading Tip: Use Passkeys With Your Microsoft Account→

The Secret Lives of Passkeys (Premium)

Posted on December 27, 2023 by Paul Thurrott

While 2023 was the year of AI hype, it was also the year in which passkeys were broadly adopted by online services and users alike. This technology is finally making the post-password world a reality, and that’s true no matter which platforms and ecosy… Continue reading The Secret Lives of Passkeys (Premium)→

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Posted on February 28, 2023 by BrianKrebs

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. Continue reading Hackers Claim They Breached T-Mobile More Than 100 Times in 2022→

How 1-Time Passcodes Became a Corporate Liability

Posted on August 30, 2022 by BrianKrebs

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. Continue reading How 1-Time Passcodes Became a Corporate Liability→

Voice Phishers Targeting Corporate VPNs

Posted on August 19, 2020 by BrianKrebs

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. Continue reading Voice Phishers Targeting Corporate VPNs→

Google updates anti-phishing tools by streamlining iOS capabilities

Posted on June 3, 2020 by Jeff Stone

Google is making it easier to use physical security keys on iOS devices. The company says that Apple product owners will now be able to use Titan Security Keys, which fend off phishing and other threats, on personal and professional Google accounts. Google’s Advanced Protection Program, dedicated to protecting users at risk of targeted malicious software attacks, announced the update in a blog post Wednesday. It’s the latest move from Google to expand protection after the Advanced Protection Program unit said in January that users could utilize iPhone or Android devices as a unique security key to access their accounts. Now, by using near-field communication protocols, users should be able to sign in by tapping a security key on the back of an iPhone. “This capability….simplifies your security key experience on compatible iOS devices and allows you to use more types of security keys for your Google Account and the […]

The post Google updates anti-phishing tools by streamlining iOS capabilities appeared first on CyberScoop.

Continue reading Google updates anti-phishing tools by streamlining iOS capabilities→

Google Account Security Keys Launch for iPhone

Posted on January 16, 2020 by Tara Seals

iPhone users can now use Bluetooth to secure their Google accounts. Continue reading Google Account Security Keys Launch for iPhone→

Android 7.0+ Phones Can Now Double as Google Security Keys

Posted on April 11, 2019 by BrianKrebs

Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft. Continue reading Android 7.0+ Phones Can Now Double as Google Security Keys→

Reddit Breach Highlights Limits of SMS-Based Authentication

Posted on August 2, 2018 by BrianKrebs

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showca… Continue reading Reddit Breach Highlights Limits of SMS-Based Authentication→