two-factor authentication

Christopher Boyd January 7, 2019

Australia’s Early Warning Network compromised

An early warning network designed to notify subscribers about dangerous weather in Australia has been compromised. The hacker sent many bogus messages via phone, SMS, and email, telling users that the service had been hacked. Early Warning Network, a service used by local governments to send notifications about weather hazards, found itself firing these rogue missives into the void late on … [Read more...]

Filed Under: 2fa, compromise, cybercrime, danger, early warning network, early warning system, email, login, PAGASA, PHIVOLCS, phonemail, privacy, sms, two-factor authentication, weather

Christopher Boyd December 4, 2018

Humble Bundle alerts customers to subscription reveal bug

You’ll want to check your mailbox if you have a Humble Bundle account, as they’re notifying some customers of a bug used to gather subscriber information. Click to enlarge The mail reads as follows: Hello, Last week, we discovered someone using a bug in our code to access limited non-personal information about Humble Bundle accounts. The bug did not expose email addresses, but the person … [Read more...]

Filed Under: 2-Step Verification, 2fa, breach, bug, cybercrime, games, Gaming, humble bundle, phish, phishing, Social engineering, spear phishing, two-factor authentication, video games

Christopher Boyd November 19, 2018

Business email compromise scam costs Pathé $21.5 million

Recently released court documents show that European-based cinema chain Pathé lost a small fortune to a business email compromise (BEC) scam in March 2018. How much? An astonishing US$21.5 million (roughly 19 million euros). The attack, which ran for about a month, cost the company 10 percent of its total earnings. What is business email compromise? Business email compromise is a type of phishing … [Read more...]

Filed Under: 2fa, authentication, bec, Business Email Compromise, CEO, CFO, cybercrime, mfa, pathe, phish, scam, Social engineering, two-factor authentication

Malwarebytes Labs September 17, 2018

A week in security (September 10 – 16)

Last week on Malwarebytes Labs, we assessed the security of a portable router, identified ways to waste a scammer’s time, named the many faces of omnichannel fraud, questioned the security of 2FAs, profiled a massive tech support scam operation, and exposed a new HMRC phishing campaign. Other cybersecurity news: Trend Micro addressed the burning questions related to their Mac App store apps … [Read more...]

Filed Under: 2fa, a week in security, Android, android browser, banking Trojan, banking Trojans, botnets, hmrc phish, Microsoft, omnichannel fraud, phishing, portable router, project verify, ram nit, Ramnit Trojan, ransomware, recap, recon malware, scammer, security of portable router, Security world, tech support scam, tech support scams, tor, trojan, two-factor authentication, Week in security, weekly blog roundup

Pieter Arntz September 14, 2018

Is two-factor authentication (2FA) as secure as it seems?

Two-factor authentication (2FA) was invented to add an extra layer of security to the—now considered old-fashioned and insecure—simple login procedure of entering a username and password. One of the most well-known examples of 2FA is when you try to log into a familiar website from a different machine or from a different location, which results in a different IP. With 2FA-enabled login procedures, … [Read more...]

Filed Under: 101, 2fa, biometrics, brute force, facebook, fake login, FYI, mfa, multi-factor authentication, password reset, phishing, Social engineering, third-party login, totp, two-factor authentication

Malwarebytes Labs May 14, 2018

A week in security (May 7 – May 13)

Last week on Labs, we looked at the case of a fake Android AV, an annoying adware that goes by the name of Kuik, the return of threat actors behind the Shopper Stop tech scam, a new Netflix phishing scam, the recent zero-day vulnerability in Internet Explorer, and the insufficiency of merely relying on the presence of the green padlock. Also, in a brief blog post, we talked about why we removed … [Read more...]

Filed Under: 7zip, facebook, fake android av, HTTPS, javascript excel, JS excel, kuik adware, Microsoft, Microsoft Excel, netflix phish, nigerian scam, Security world, shopper stop tech scam, signal, tech support scam, two-factor authentication, vulnerability, Week in security

Jovi Umawing January 19, 2018

Cybersecurity New Year’s resolutions, you say? Why not.

It’s mid-January, and oh, how time flies. It wasn’t long since we bid farewell to 2017 and welcomed the new year with renewed hope and vigor. Of course, with such positivity comes a sense of an equally favorable outlook for the year ahead. However good that may sound, being faced with a tabula rasa may pose a challenge equivalent to writer’s block: We simply don’t know where to begin. This … [Read more...]

Filed Under: 101, cyber, cybersecurity, cybersecurity resolutions, FYI, HTTPS, new year's resolution, two-factor authentication

Brad Wyro November 15, 2017

Why Passwords May Not Keep Your Email Safe

We live in an era where the amount of valuable data businesses must store is increasing at an unprecedented pace. Consequently, the number of “bad guys” trying to gain access to that data is also increasing, and hackers have some pretty sophisticated tools at their disposal to try to force their way into your data. They use a variety of tactics, including social engineering, brute force attacks … [Read more...]

Filed Under: 2fa, Email How To, Email Security, two-factor authentication, Webmail, WorldClient

A week in security (September 10 – 16)

A week in security (May 7 – May 13)

Cybersecurity New Year’s resolutions, you say? Why not.

Why Passwords May Not Keep Your Email Safe

SEARCH

RECENT POSTS

Archives

DISCLAIMER