Modern organizations are no longer governed by fixed perimeters. In fact, the perimeter-based security model is disintegrating in a world where users work on their own devices from anywhere, and sensitive company data is stored in multiple cloud services. Organizations can no longer rely on binary security models that focus on letting good guys in and keeping bad guys out. Their big challenge is figuring out how to give users the access they need while … More
Twitter’s Support account published the following announcement on Tuesday: We recently found that some email addresses and phone numbers provided for account security may have been used unintentionally for advertising purposes. This is no longer happening and we wanted to give you more clarity around the situation: https://t.co/bBLQHwDHeQ — Twitter Support (@TwitterSupport) October 8, 2019 Then, in the linked post, they proceeded not to give a lot of clarity. “We recently discovered that when you … More
The post Twitter 2FA phone numbers “inadvertently” used for advertising purposes appeared first on Help Net Security.
The apparent ease with which SIM hijacking attacks are being perpetrated to get the targets’ second authentication factor for crucial accounts (online banking, cryptocurrency exchange, online wallet) must have raised some doubts about the security of multi-factor authentication (MFA) – and rightly so. What users need to know and accept is that not all MFA options are equally secure but that, generally, they are all a safer option than using just a password. “Use of … More
The post Microsoft: Any form of MFA takes users out of reach of most attacks appeared first on Help Net Security.