Two-Factor Authentication (2FA) is Just One Part of a Layered Phishing Defense

Staying ahead of phishing attacks is, and likely will always be, an uphill battle. …
The post Two-Factor Authentication (2FA) is Just One Part of a Layered Phishing Defense appeared first on SlashNext.
The post Two-Factor Authentication (2FA) is Just… Continue reading Two-Factor Authentication (2FA) is Just One Part of a Layered Phishing Defense

Facebook’s Phone Number Policy Could Push Users to Not Trust Two-Factor Authentication

Users are angry that Facebook is letting others, including advertisers, look up users via the phone numbers they provided to enable two-factor authentication. Continue reading Facebook’s Phone Number Policy Could Push Users to Not Trust Two-Factor Authentication

Multi-Factor Authentication, New Attacks on 4G and 5G Mobile Networks

This is your Shared Security Weekly Blaze for March 4th 2019 with your host, Tom Eston. In this week’s episode: Multi-factor authentication to protect your credentials, and new attacks on 4G and 5G mobile networks. Protect your digital privacy wi… Continue reading Multi-Factor Authentication, New Attacks on 4G and 5G Mobile Networks

Android Gets FIDO2 Certification—Now Supports Secure Passwordless Logins

Great news.

If you have already installed the latest update of Google Play Services released earlier today, and your Android device is running Android version 7.0 Nougat or above—Congratulations! Your device is now FIDO2 Certified.

Are you thinking… … Continue reading Android Gets FIDO2 Certification—Now Supports Secure Passwordless Logins

Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts

Motherboard has identified a specific UK bank that has fallen victim to so-called SS7 attacks, and sources say the issue is wider than previously reported. Continue reading Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts

Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In

A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. Continue reading Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In

New Phishing Kit Allows Bypassing Two-Factor Authentication with Ease

Attackers have a new phishing tool in their arsenal, and it’s a powerful one. A penetration tester released an open source toolkit that can be used to easily set up phishing attacks that can bypass two-factor authentication (2FA). Dubbed Modlish… Continue reading New Phishing Kit Allows Bypassing Two-Factor Authentication with Ease

Yubico unveils new NFC key, developing a Lightning-enabled key

Yubico, the physical authentication key company, announced two new products Tuesday, as it continues to make its key fob-like authenticators available on more platforms. The YubiKey for Lightning is geared specifically for Mac and iOS users, but is in a private preview phase while Yubico and third-party developers work on making the keys more compatible with Apple devices. The other announced product, the Security Key NFC, is a USB-A key that has near field communication capability. It combines some functionalities of the company’s standard security key and the YubiKey 5 NFC, both of which were updated in Yubico’s Series 5 line released in September. The new key supports FIDO2, a standard for hardware-based, passwordless authentication, as well as the older FIDO U2F two-factor authentication. However, some authentication protocols included in other keys aren’t supported in the new key. Yubico says the Security Key NFC “works out-of-the-box” with many popular services and […]

The post Yubico unveils new NFC key, developing a Lightning-enabled key appeared first on CyberScoop.

Continue reading Yubico unveils new NFC key, developing a Lightning-enabled key