Security News

Video conferencing platform Zoom is finally offering all users the option to enable two-factor authentication to secure their accounts against credential stuffing attacks and attacks leveraging phished login credentials. How to enable Zoom 2FA on a Pro, Business, Education, or Enterprise account.

IDmission announced its Identity Management System to reduce unauthorized access to large multi-tenant facility access points. With IDMS, large organizations can significantly control physical and logical access points throughout the enterprise.

Let me tell you how it will be There's one for you, nineteen for me 'Cause I'm the taxman, yeah, I'm the taxman Should five per cent appear too small Be thankful I don't take it all 'Cause I'm the taxman, yeah, I'm the taxman If you drive a car, I'll tax the street If you try to sit, I'll tax your seat If you get too cold, I'll tax the heat If you take a walk, I'll tax your feet 'Cause I'm the taxman, yeah, I'm the taxman. You end up with a fraudulent tax return filed against your name; the government ends up with a huge dent in its tax revenues; and the mess can take ages to sort out.

Twitter has revealed more about the July 15 attack that saw several prominent accounts hijacked to promote a Bitcoin scam. The Saturday, July 18 update admits "The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections."

Taking a closer look at the malware, the malicious Mac executable is located in "Contents/Resources/Base.lproj/" directory of the fake application and pretends to be a nib file, according to researchers at Malwarebytes, in a posting on Wednesday. Once it starts, it creates a property list file that specifies the application that needs to be executed after reboot, and the content of the plist file is hardcoded within the application.

This week we talk ransomware apologies, whether companies should be pushing 2FA and good vibrations, kind of. Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin and me.

Nextcloud allows you to enforce groups to use two-factor authentication. Let's find out how to create a group and then add them to 2FA enforcement.

Singapore will bin the physical tokens used to provide two-factor authentication for some digital government services. The city-state operates "SingPass", a government service that connects Singapore's residents with 200 government services.

Nextcloud allows you to enforce groups to use two-factor authentication. With Nextcloud Hub you can enable 2FA globally, for individuals, or for groups.

The TrickBot trojan has a new trick up its sleeve for bypassing a new kind of two-factor authentication security method used by banks - by fooling its victims into downloading a malicious Android app. Researchers first discovered the mobile app after a September 2019 tweet by CERT-Bund flagging TrickBot using man-in-the-browser techniques.