Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge – Malwarebytes Labs

While many tech-savvy folks are familiar with two-factor authentication (2FA), more are unaware that there are several ways around it. A tool called Modlishka, the English pronunciation for the Polish word for “mantis,” is the latest in this list.

Source: Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge – Malwarebytes Labs

Advertisements

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned.

Source: Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Privacy coalition targets Microsoft, others for sharing ‘Minority Report’ technology with US Government

There is a certain tension among the private companies and the government when it comes to the sharing of data. While companies openly claim that they never share data with anyone including the government, we don’t always know if that’s true.

Source: Privacy coalition targets Microsoft, others for sharing ‘Minority Report’ technology with US Government

Dirt-Cheap, Legit, Windows Software: Pick Two

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition. But purchasing steeply discounted licenses for cloud-based subscription products like recent versions of Microsoft Office can be an extremely risky transaction, mainly because you may not have full control over who has access to your data.

Source: Dirt-Cheap, Legit, Windows Software: Pick Two

User location data sold by AT&T, T-Mobile, and Sprint is making its way to bounty hunters, says report

A new report from Motherboard today takes a look into the practices of US wireless carriers selling user location data to third-parties. While it’s often credit card and other financial companies buying the location data for fraud detection and more, Motherboard says some rogue third-parties have access to user location data and it’s landing the hands of bounty hunters and the black market. more… The post User location data sold by AT&T, T-Mobile, and Sprint is making its way to bounty hunters, says report appeared first on 9to5Mac .

Source: User location data sold by AT&T, T-Mobile, and Sprint is making its way to bounty hunters, says report