2FA Flaws
SIM Swappers Try Bribing T-Mobile and Verizon Staff $300
Not OK: SMS 2FA — Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication ...
Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones
Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support ...
Telegram Privacy Nightmare: Don’t Opt In to P2PL
Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service ...
FCC’s Got New Rules for SIM-Swap and Port-Out Fraud
Too many times: Federal Communications Commission shuts stable door after horse bolted. But chairwoman Jessica Rosenworcel (pictured) was hoping it would save us ...
Teenage Hackers Must be Stopped: US DHS’s CSRB Report
2FA SMS FAIL: Lapsus$ social engineers exploited weak two-factor authentication. Something must be done! (Well, this is something.) ...
FINALLY! Google Makes 2FA App Useable — BUT There’s a Catch
2FA OTP ASAP? Google Authenticator app now syncs your secrets: No stress if you break your phone ...
Instagram 2FA Bypass, A Tale of Superlative Bug Hunting Skills & Indolent Multi-Factor Authentication
Via Tara Seals writing at the Threatpost Blog, detailing the highly competent bug hunting skill set of Laxman Muthiyah, examining - if you will - the lackadaisical 2FA data flow promulgated by ...
