Security Keys

Voice Phishers Targeting Corporate VPNs

Voice Phishers Targeting Corporate VPNs

| | Allison Nixon, DomainTools, Latest Warnings, Security Keys, The Coming Storm, Unit 221B, urlscan.io, vishing, VPN phishing, Yubico, Yubikey, Zack Allen, ZeroFox
The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers' networks. But one increasingly brazen ...
Krebs on Security
How Google Cloud keeps accounts safe using security keys

Android 7.0+ Phones Can Now Double as Google Security Keys

| | Advanced Protection, Android 7.0, Christiaan Brand, google, Security Keys, Security Tools, U2F, Universal 2nd Factor, Yubico
Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google's various services. The company announced that all phones running Android 7.0 and higher ...
Krebs on Security
Reddit Breach Highlights Limits of SMS-Based Authentication

Reddit Breach Highlights Limits of SMS-Based Authentication

| | Authy, Data breaches, google, Google Authenticator, number port-out scams, Reddit breach, Security Keys, Security Tools, TOTP, twofactorauth.org, Yubico
Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn't seem too ...
Krebs on Security
Google: Security Keys Neutralized Employee Phishing

Google: Security Keys Neutralized Employee Phishing

| | Chrome, Dashlane, dropbox, Duo Security, edge, facebook, FIDO Alliance, Firefox, Firefox Quantum, GitHub, Google Advanced Protection, KeePass, lastpass, Microsoft, opera, Safari, Security Keys, Security Tools, U2F, Web Authentication API, WebAuthn, World Wide Web Consortium, Yubikey
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of ...
Krebs on Security