Security News
Amazon-owned home security and smart home company Ring this week announced new security and privacy features for all of its users. With mandatory 2FA in place, when a user logs into their Ring account, a one-time six-digit code to verify the login attempt - this applies to all Shared Users on the account as well - will be sent, either via email or as a text message.
On Tuesday, Ring president Leila Rouhi said in a blog post that starting immediately, the once-optional authentication is going to be mandatory for all users when they log in to their Ring accounts. That's what makes 2FA a good backup: even if your login gets stolen, and even if you've reused those credentials, a hacker still has to have access to your second factor - for example, your phone or your email, where you receive a one-time code to plug in as additional authentication - in order to log in to your account.
The new requirement comes after Ring faced a backlash in December following a rash of disturbing hacks and security issues tied to the smart doorbell. While Amazon-owned Ring offered 2FA as an option to customers before, now the second layer of verification will be mandatory to all users.
Nest owners, if you aren't already flying with two-factor authentication on your accounts, get ready for Google to push you into spreading those security wings. On Tuesday - which, appropriately enough, was Safer Internet Day - Google announced that in the spring, it will start forcing users of its Nest webcams and other products to use 2FA to secure their accounts.
NCP engineering released version 5.30 of the Secure Enterprise Management Server, a central component of the NCP Next Generation Network Access Technology that serves as a single point of administration. With the NCP Secure Enterprise Management Server version 5.30, a Time-based One-time Password generated through the NCP Authenticator App can be used as an alternative to NCP's Advanced Authentication via SMS as a second factor.
Apple engineers think they've come up with a simple way to make SMS two-factor authentication one-time codes less susceptible to phishing attacks: agree a common text format so their use can be automated without the need for risky user interaction. The concept proposed by the company's Safari WebKit team is that apps such as mobile browsers will automatically process SMS text codes as they are received, submitting them to the correct website.
With 2FA enabled on your Docker Hub account, you'll find you cannot access it with your user password from within the CLI. Jack Wallen shows you how to make this work.
With 2FA enabled on your Docker Hub account, you'll find you cannot access it with your user password from within the CLI. Jack Wallen shows you how to make this work. If you've recently added two-factor authentication to your Docker Hub account, you've more than likely run into a situation where you can no longer access the account from the command line using the standard username/password credentials.
Fox-IT Suspects APT20 Group Was InvolvedAn advanced persistent threat espionage campaign with suspected ties to the Chinese government quietly targeted businesses and governments in 10 countries...