1873 matches found
Google Joins FIDO Alliance Effort to Move Beyond Passwords
Google, which gradually has been moving its users away from using passwords as their main form of authentication for Web services, has joined a young organization whose goal is to phase out passwords and replace them with various forms of strong authentication. The FIDO Alliance, formed last year...
Syrian Hackers Hijack AP Twitter Tweet Obama Injured by Bomb
Twitter is facing increased pressure to beef up authentication for users after the hijacking of another high-profile account yesterday caused some temporary tremors on the stock market. The social network has reportedly been testing two-factor authentication internally; Twitter lags behind Google...
Hackers Using Brute-Force Attacks to Harvest WordPress Sites
Months of distributed denial of service attacks against major U.S. banks have evolved in magnitude and ferocity causing service disruptions for online banking customers. They’ve also shown the way for other attackers to adapt and evolve techniques used in those attacks. Apparently, someone is...
Quest Defender Desktop Login Component Installed
Defender Desktop Login Component, a two-factor authentication application for protecting a login page, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65929; scriptversion"1.8";...
Microsoft Reportedly Adding Two-Factor Authentication to User Accounts
Microsoft reportedly will implement two-factor authentication on users’ accounts at some point down the line, according to reports this week. Microsoft fansite Liveside.net first reported about the company’s plans yesterday with a blog post that includes a handful of screenshots from the purporte...
Apple Takes Tool offline After New Security Hole Surfaces
Less than a day after Apple announced a new two-factor authentication to better protect Apple ID and iCloud accounts, the company was scrambling to fix another major security hole with its own password reset tool. As first reported earlier Friday by The Verge, this new exploit allows anyone to ga...
Apple adds two-factor authentication to iCloud and Apple ID
Apple is beefing up the security of its iCloud and Apple ID accounts by adding two-factor authentication to the account login process. Users who activate the option will be required to enter a four-digit code they may receive via SMS message, aside from the usual password. Two-factor authenticati...
Apple Adds Two-Factor Authentication to iTunes Accounts
Apple has introduced a new two-factor authentication system designed to help protect users’ iTunes and App Store accounts and prevent attackers or unauthorized users from taking over users’ accounts. The system is similar to the one that Google has implemented for Gmail, utilizing verification...
Apple adds two-factor authentication to iCloud and Apple ID
Apple is beefing up the security of its iCloud and Apple ID accounts by adding two-factor authentication to the account login process. Users who activate the option will be required to enter a four-digit code they may receive via SMS message, aside from the usual password. Two-factor authenticati...
Dropbox Users Reporting More Spam Following Last Summer's Breach
It appears the breach of cloud-based storage service Dropbox last year has spurned another wave of spam over the last week or so. Users began posting complaints on the service’s Bugs and Troubleshooting forum yesterday claiming that their Dropbox-specific accounts started receiving spam again las...
Researchers Bypass Google Two-Factor Authentication
For some time, attackers had the ability to bypass Google’s two-step authentication system through access to users’ app-specific passwords, giving them full access to victims’ Google accounts, including Gmail. The vulnerability that enables this attack, discovered by researchers from DuoSecurity,...
Google Says Gmail Security Measures Have Reduced Account Hijacks By 99 Percent
Gmail accounts are high-priority targets for attackers of all stripes, particularly spam crews and state-sponsored attackers who use them to monitor the activities of activists and journalists. Hijacking those accounts can be quite useful for spammers and malware gangs as well, but Google said th...
Could Smart-Watches Replace Passwords as Authenticators?
Good passwords are hard to remember while passwords that are easily remembered are often just as easily guessed. Therein lies the reason passwords are such a security headache. The race to replace passwords is ever-present in the security industry, and the newest entrant is the smart-watch. “If t...
Zitmo Trojan Variant Eurograbber Beats Two-Factor Authentication to Steal Millions
Online banking customers in Europe are falling victim by the thousands to a new banking Trojan that is infecting Android and BlackBerry devices and is capable of defeating two-factor authentication. The Trojan, dubbed Eurograbber by researchers at Check Point Software Technologies and Verasafe, i...
Go Daddy Attributes DNS Hack to Phishing
A spokesman at Go Daddy, the popular domain registrar and Web host company, believes that some of its users may have been phished – and that’s to blame for the barrage of ransomware some customers have been seeing in past week or so. Last week it was reported that attackers had placed malicious D...
Go Daddy Sites Serve Up Ransomware Malware
Domain name registrar and website hosting provider Go Daddy is responding to a DNS attack targeting a "small number" of its hosted websites that one security firm said is enabling cyber criminals to spread ransomware. The DNS Domain Name System is what transfers host-names into IP addresses,...
Attackers Had Access for Months in South Carolina Data Breach
Attackers had two months of unfettered access to South Carolina’s Department of Revenue systems in a classic targeted attack that began with a phishing email and ended with the loss of electronic tax return data, and payment card and personal information on 3.8 million filers, possibly dating bac...
Planned Cyberattacks on US Banks on Hold
Upwards of 30 major U.S. banks and financial institutions have been given a reprieve. The hacker behind a coordinated attack against giants such as Bank of America, Chase, Citibank, PNC, Wells Fargo and nearly two dozen other banks has called off the operation after media reports surfaced a month...
Blizzard Sued Over Data Breach, Authenticator Sales
UPDATED–A group of customers is suing gaming giant Blizzard Entertainment in connection with a data breach in August that resulted in user email addresses, hashed passwords and other information being stolen by attackers. The suit claims that the company did not do enough to secure users’ account...
Remotely controlled Malware as Browser extensions
"Browser extensions extend the functionality of the web browser. These extensions improve the appearance, functionality, security or other parts of the browser. Extensions were also developed with malicious intent, in order to generate revenue or just spread the code between more and more browser...