Security News

6 Best Multi-Factor Authentication (MFA) Solutions for 2024
2024-03-20 17:19

MFA software solutions provide multi-factor authentication for individual end-users, organizational workforces and customer-facing applications. Software Solution category Authentication types Hosting options Pricing Google Authenticator Individual MFA Mobile app, software token, mobile push, risk-based Cloud-based Free Cisco Duo Workforce MFA Mobile app, software token, hardware token, mobile push, WebAuthn, biometric Cloud-based Free MFA for up to 10 users; plans start at $3/user/month.

MFA vs 2FA: Which Is Best for Your Business?
2024-03-15 15:17

The terms 2FA and MFA are sometimes used interchangeably. This is because 2FA is really a subset of MFA. 2FA involves only one additional authentication factor.

4 Ways Hackers use Social Engineering to Bypass MFA
2024-02-12 11:14

When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential...

Whitepaper: MFA misconceptions
2024-01-24 03:45

Please turn on your JavaScript for this page to function normally. While a valuable tool in the cybersecurity toolkit, MFA is not immune to weaknesses.

Out with the old and in with the improved: MFA needs a revamp
2024-01-19 06:00

With MFA in place, when a hacker gets a hold of your account credentials, they cannot fulfill the additional identification requirement, meaning their ability to breach the system is dead in the water. We've seen lately a surprising number of high-profile social engineering attacks that result in MFA bypass.

MFA Spamming and Fatigue: When Security Measures Go Wrong
2024-01-18 12:02

In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations...

3 main tactics attackers use to bypass MFA
2023-12-26 05:00

SE Labs advised CISOs to step-up their efforts against attacks on systems protected by MFA in response to increased attacker activity to exploit failure points. As is often the case when compromising systems, attackers have not reinvented the wheel to circumvent MFA, or 2FA, as it is also known.

What to do when receiving unprompted MFA OTP codes
2023-12-17 16:06

Marketplaces devoted to selling stolen consumer online accounts make financial fraud easy, where threat actors can buy accounts for as little as $1.50 to Amazon, Marriot Bonvoy rewards accounts, Dunkin, Instacart, and many other well-known retail stores. To better secure your online accounts, many companies offer a security feature called multi-factor authentication, which when configured, requires users to enter an additional form of verification before being allowed to log in to their account.

Money-grubbing crooks abuse OAuth – and baffling absence of MFA – to do financial crimes
2023-12-14 11:03

OAuth is an especially appealing target for criminals in cases where compromised accounts don't have strong authentication in place, and user permissions allow them to create or modify OAuth applications. Microsoft, in a threat intel report, details one cyber crime crew it tracks as Storm-1283 that used a compromised account to create an OAuth application and deploy VMs for crypto mining, while also racking up between $10,000 and $1.5 million in Azure compute fees.

MFA under fire, attackers undermine trust in security measures
2023-11-20 05:30

MFA adds security to online accounts, but MFA lookalikes are a real threat to consumers and enterprises. Consumers have come to trust MFA, but attackers can now get in the middle and take over accounts.