Security News

A two-factor authentication bypass vulnerability affecting the popular cPanel & WHM software suite may allow attackers to access secured accounts, Digital Defense researchers have found. Still, admins of sites that are managed through cPanel should check whether their provider did perform the update.

Scammers have hatched a new way to attempt to bypass two-factor authentication protections on Facebook. The first step in the "Appeal?" The victim is asked to submit a username, password and 2FA code from their mobile device, according to Sophos researcher Paul Ducklin, allowing fraudsters bypass 2FA. 2FA is an added layer of protection on top of a username and password that usually involves sending a unique code to a mobile device, which must be entered to access a platform.

Notification of Alleged Copyright Violation Recently there have been reports citing copyright violations of your Page posts. The link on the Facebook page above looks as though it stays on facebook.com, but the URL you see in blue above isn't the URL you visit if you click it.

A newly uncovered banking trojan called Alien is invading Android devices worldwide, using an advanced ability to bypass two-factor authentication security measures to steal victim credentials. Researchers believe Alien is a "Fork" of the infamous Cerberus banking malware, which has undergone a steady demise in use over the past year.

Researchers have uncovered a threat group launching surveillance campaigns that target victims' personal device data, browser credentials and Telegram messaging application files. One notable tool in the group's arsenal is an Android malware that collects all two-factor authentication security codes sent to devices, sniffs out Telegram credentials and launches Google account phishing attacks.

Video conferencing platform Zoom this week announced that all user accounts can now benefit from improved protection, courtesy of support for Two-Factor Authentication. With 2FA enabled on their accounts, users should be protected from security breaches, including those that originate from the Zoom platform itself, the company claims.

Video conferencing platform Zoom is finally offering all users the option to enable two-factor authentication to secure their accounts against credential stuffing attacks and attacks leveraging phished login credentials. How to enable Zoom 2FA on a Pro, Business, Education, or Enterprise account.

IDmission announced its Identity Management System to reduce unauthorized access to large multi-tenant facility access points. With IDMS, large organizations can significantly control physical and logical access points throughout the enterprise.

Let me tell you how it will be There's one for you, nineteen for me 'Cause I'm the taxman, yeah, I'm the taxman Should five per cent appear too small Be thankful I don't take it all 'Cause I'm the taxman, yeah, I'm the taxman If you drive a car, I'll tax the street If you try to sit, I'll tax your seat If you get too cold, I'll tax the heat If you take a walk, I'll tax your feet 'Cause I'm the taxman, yeah, I'm the taxman. You end up with a fraudulent tax return filed against your name; the government ends up with a huge dent in its tax revenues; and the mess can take ages to sort out.

Twitter has revealed more about the July 15 attack that saw several prominent accounts hijacked to promote a Bitcoin scam. The Saturday, July 18 update admits "The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections."