What is a mobile possession factor – and how can it replace passwords to stop phishing?
By Paul McGuire, Co-Founder and CEO of tru.ID We all use email, and we all use passwords – […] The…
Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then…
Malicious Android app found powering account creation service
A fake Android SMS application, with 100,000 downloads on the Google Play store, has been discovered to secretly act as…
Dropbox discloses breach after hacker stole 130 GitHub repositories
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub…
Callback phishing attacks evolve their social engineering tactics
The BazarCall malicious operation has evolved its social engineering methods, keeping the old fake charges lure for the first phase…
MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches
Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component…
How 1-Time Passcodes Became a Corporate Liability
Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some…
Twilio breach let hackers see Okta’s one-time MFA passwords
The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to from…
How hackers are stealing credit cards from classifieds sites
A new credit card stealing campaign is underway in Singapore, snatching the payment details of sellers on classifieds sites through…
Microsoft accounts targeted with new MFA-bypassing phishing kit
A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor…