Authentication and Personal Security - Cyber Security Informer

GUEST ESSAY: Lessons to be learned from the waves of BofA phone number spoofing scams

The Last Watchdog

AUGUST 21, 2023

Phone number spoofing involves manipulating caller ID displays to mimic legitimate phone numbers, giving scammers a deceptive veil of authenticity. To verify their authenticity, Nicolas asked for proof, but the scammers insisted he Google the Bank of America number. Suspicious, he trusted his instincts and called the bank directly.

Scams

Scams Banking Accountability Authentication

Take the Unhackable MFA Challenge

Cisco Security

JANUARY 26, 2021

Today I took the #UnhackableMFA Challenge and pledged to help someone I care about to get set up on MFA (Multi-factor authentication) to protect them, both online and off! This is Unhackable, the authoritative Security podcast about deception and personal security. Now I challenge you to pass it on! What is MFA ?

Authentication

Authentication Media Personal Security Cybersecurity

Intimate Partner Threat

Schneier on Security

MARCH 5, 2018

Princeton's Karen Levy has a good article computer security and the intimate partner threat: When you learn that your privacy has been compromised, the common advice is to prevent additional access -- delete your insecure account, open a new one, change your password.

Passwords

Passwords Accountability Authentication Personal Security

Navigating the Web of Romance Scams: A Guide for Businesses and Consumers

Webroot

FEBRUARY 13, 2024

Businesses should include the risks of social engineering scams, like romance scams, in their cybersecurity training programs, highlighting how personal security practices impact professional security. This transparency can be crucial in preventing security risks to the business.

Scams

Scams Cryptocurrency Media Education

PCI v4 is coming. Are you ready?

Pen Test Partners

SEPTEMBER 13, 2023

businesses gain the flexibility to define and deploy personalized security measures aligned with their specific cardholder data environment (CDE) setup. The innovative Customised Approach empowers well-established organisations to intricately specify their existing security controls to fulfil the objectives for each requirement.

Authentication

Authentication Passwords Media Encryption

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Incorporate personal security best practices, such as two-factor authentication and encryption, in all your online interactions. Today, our mobile devices serve not just as communication tools but also as gatekeepers to our digital identities, especially with the rise of mobile-based multi-factor authentication (MFA).

Retail

Retail Cybersecurity Financial Services Mobile

Chart a course to the passwordless future on World Password Day

SC Magazine

MAY 6, 2021

Here are some best practices to consider when giving users a more efficient and secure way to login: Beware of shared secrets. Does the organization use a shared secret to authenticate users? When adding security to the login process, it’s imperative to make sure it doesn’t inhibit user productivity. Eliminate passwords.

Passwords

Passwords Authentication Identity Theft Risk

Interesting Reads, August 19

Adam Shostack

AUGUST 21, 2019

If you needed more reasons to move away from using SMS-based authentication, and treating phone companies as trusted, “ AT&T employees took over $1 million in bribes to plant malware and unlock millions of smartphones: DOJ “ Abuse reporting systems are being abused. You need to threat model and play the chess game.

Media

Media Authentication Malware Personal Security

Top of Mind Security Insights from In-Person Interactions

Cisco Security

JUNE 30, 2022

Mobility, BYOD (bring your own device), cloud, increased collaboration, and the consumerization of IT have necessitated a new type of access control security– zero trust security. Supply chain attacks have become one of the biggest security worries for businesses. Data privacy is getting personal .

Digital transformation

Digital transformation Data privacy Identity Theft Data breaches

Redesigning UI - The Duo Mobile App, What’s New

Duo's Security Blog

JUNE 23, 2021

In early 2019, we embarked on a project to improve the Duo Mobile user authentication experience. Before we do that, I wanted to take some time to share with you exactly how we’re making it easier for users to authenticate using Duo Mobile. Fighting Fraud by Humanizing the Push Screen Authentication is hard!

Mobile

Mobile Accountability Authentication Education

Be Wary of Scammers in the Holiday Season

Security Through Education

DECEMBER 21, 2022

In October, Cybersecurity Awareness Month taught us the importance of safe practices such as the use of multifactor authentication, strong passwords, and VPNs. Only through learning about the tactic’s scammers use can we truly continue to improve our own personal security.

Scams

Scams Phishing Social Engineering Risk

No, Spotify Wasn't Hacked

Troy Hunt

JANUARY 8, 2019

Instead, they need to look inwardly and adjust their own security practices instead. Get a password manager (8 years on and I still use 1Password every day), create strong and unique passwords on every account and enable 2-factor authentication where available.

Hacking

Hacking Passwords Accountability Data breaches

NY Man Pleads Guilty in $20 Million SIM Swap Theft

Krebs on Security

DECEMBER 16, 2021

Unauthorized SIM swaps often are perpetrated by fraudsters who have already stolen or phished a target’s password, as many financial institutions and online services rely on text messages to send users a one-time code for multi-factor authentication.

Cryptocurrency

Cryptocurrency Mobile Accountability Scams

GUEST ESSAY: Until we eliminate passwords, follow these 4 sure steps to password hygiene

The Last Watchdog

NOVEMBER 22, 2021

Two-factor authentication may seem technically complicated, but “2FA” is a security measure you already know. Anytime a website sends you an SMS code or asks a personal security question, that’s a form of 2FA. Silo your risk by generating a unique password for each of your online accounts.

Passwords

Passwords Password Management Accountability Data breaches

CLEANING UP THE CLUTTER (Pt. 5 of “Why Don’t You Go Dox Yourself?”)

Cisco Security

NOVEMBER 4, 2022

An important lesson in security is that operating at max capacity isn’t sustainable all the time, and planning for rest and overflow in our personal security planning is no different.

Accountability

Accountability Marketing B2B Media

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

JANUARY 16, 2019

As I mentioned earlier, they partnered with HIBP to help drive people interested in personal security towards better personal security practices and obviously there's some neat integration with the data in HIBP too (there's also a dedicated page explaining why I chose them ). What can you do if you were in the data?

Data breaches

Data breaches Passwords Password Management Accountability

On the Twitter Hack

Schneier on Security

JULY 20, 2020

Class breaks are endemic to computerized systems, and they're not something that we as users can defend against with better personal security. It didn't matter whether individual accounts had a complicated and hard-to-remember password, or two-factor authentication. For Twitter users, this attack was a double whammy.

Hacking

Hacking Banking Accountability Government

Cyber Security Informer

GUEST ESSAY: Lessons to be learned from the waves of BofA phone number spoofing scams

Take the Unhackable MFA Challenge

Trending Sources

Intimate Partner Threat

Navigating the Web of Romance Scams: A Guide for Businesses and Consumers

PCI v4 is coming. Are you ready?

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Chart a course to the passwordless future on World Password Day

Interesting Reads, August 19

Top of Mind Security Insights from In-Person Interactions

Redesigning UI - The Duo Mobile App, What’s New

Be Wary of Scammers in the Holiday Season

No, Spotify Wasn't Hacked

NY Man Pleads Guilty in $20 Million SIM Swap Theft

GUEST ESSAY: Until we eliminate passwords, follow these 4 sure steps to password hygiene

CLEANING UP THE CLUTTER (Pt. 5 of “Why Don’t You Go Dox Yourself?”)

The 773 Million Record "Collection #1" Data Breach

On the Twitter Hack

Stay Connected