Google delivers new G Suite security tools
Google has announced several new security tools for G Suite admins and users, as well as a new 2FA option: one-time security codes based on security keys. Email security …
How effective are login challenges at preventing Google account takeovers?
Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. …
Google offers free replacement for buggy Titan Security Keys
Misconfigured Bluetooth pairing protocols in Google’s Titan Security Keys may allow attackers to communicate with users’ security key or with the device their key …
PSD2 and strong customer authentication: Are all elements equal?
The European Payment Services Directive 2 (PSD2), introduced in January 2018, contains the requirement for additional security features for certain online transactions. These …
Google introduces many G Suite security enhancements
Last week, the big news from Google Cloud Next 2019 was that phones running Android 7.0 or higher can be turned into a security key for G Suite account 2-step verification. …
G Suite admins can now disable SMS and voice 2FA
G Suite administrators can now prevent enterprise users from using SMS and voice codes as their second authentication/verification factor for accessing their accounts. The …
Mitigating the risk of Office 365 account hijacking
Office 365 – the online, subscription-based version of Microsoft’s Office application suite – is one the most widely used enterprise cloud applications/services, …
Listening-Watch: Strong, low-effort, wearable 2FA scheme
Passwords are still the preferred online authentication method because they are easy to use, but they are increasingly not enough to keep our accounts secure. To mitigate the …
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
Theft of user accounts on cryptocurrency exchanges is soaring
Within a year, the number of data leaks from cryptocurrency exchanges soared by 369%, Group-IB researchers have found, and the US, Russia and China are the countries where …
Reddit suffers data breach despite using SMS-based 2FA
Popular social news aggregation and discussion website Reddit has suffered a breach. The attacker broke into some of its systems and got access to some user data, but did not …
Facebook now supports 2FA via authenticator apps
Facebook has good news for users who wish to secure their accounts with two-factor authentication but aren’t comfortable sharing their phone number with the social …