2FA

(get it in RSS or Atom)

Is Apple slack at security on iOS? 60 Sec Security [VIDEO]

60ss-video-250

What went wrong with PayPal's 2FA? Why did Microsoft do an email U-turn? Is Apple slack at security on iOS?

It'll only take a minute to find out...

Flaw in PayPal’s two-factor authentication, but keep calm and carry on!

Security researchers in the USA have just disclosed a flaw in PayPal's 2FA system.

Paul Ducklin looks at the mistakes that PayPal made, and what's been done to sort them out...

"Heartbleed" - would 2FA have helped?

2fa-250

Because of the global password reset pandemic caused by Heartbleed, lots of Naked Security readers have asked, "Wouldn't 2FA have helped?"

Paul Ducklin takes a look...

Tumblr beefs up security with two-factor authentication

Tumblr

Just like you need two keys to launch a nuclear missile (and we really, really hope that you weren't planning to do that anytime soon), you can now flip on the extra protection of needing-two-things to get at your Tumblr dashboard.

The Spampionship, the PWN2OWN unicorn, and how Target was breached - 60 Sec Security [VIDEO]

2014-02-08-unicorn-250

Where do you find Extreme Spammers? Can you find the exploit unicorn? And how did Target get breached?

Find out in 60 Sec Security for 08 Feb 2014...

Did the crooks who broke into Target tailgate the cleaners?

target-250

Intrepid chronicler of the Target breach, Brian Krebs, has uncovered yet another cog in the criminal gearbox behind Target's data disaster.

Guess what? 2FA and network segregation would have made things a lot harder for the crooks...

SSCC 133 - Prize unicorns, Android malware, 2FA, Attack reports and Vote For Us! [PODCAST]

sscc-133-thumb-250

Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...

Android banking malware with a twist in the delivery

Here's an intriguing tale of an Android malware curveball spotted recently in SophosLabs.

You're expecting the pitch to come at you in a predictable direction, but a hidden twist in the action brings the onslaught from another angle altogether...

Yahoo prompts password reset after mass attack on email service

Yahoo

Yahoo has revealed that it's resetting passwords for a number of its email users after discovering a coordinated effort to gain access to accounts. We explain how Yahoo Mail users can better protect their accounts immediately.

The power of two - All you need to know about two-factor authentication

2FA

What can we do to protect ourselves from stolen password databases, phishing attacks, keyloggers or credit card skimmers installed in our local ATMs? We can start with two-factor authentication. This article tells you what it is, how it works and where you can use it.

Just how secure is that mobile banking app?

https-tablet-250

Security researcher Ariel Sanchez recently published a fascinating report on the sort of security you can expect if you do your internet banking on an iPhone or iPad.

The answer, sadly, seems to be, "Very little."

SSCC 129 - Hypervisors, apologies, backdoors and Twitter hacks [PODCAST]

sscc-129-thumb-250

Chet and Duck look at the security stories that made the headlines over New Year 2013/2014 - from the OpenSSL "hypervisor hack" that wasn't, to the Skype Twitter breach that shouldn't have happened - and explain how we can learn from these mistakes to have a safer and more secure 2014.

Skype's Twitter account compromised by Syrian Electronic Army

Microsoft's reading Skype messages

Microsoft's Skype brand had its Twitter, Facebook and WordPress accounts hacked by a someone claiming to be the Syrian Electronic Army. The real question is, where was the two-factor?

SSCC 126 - Zero-day, Bitcoins, passwords and randomness [PODCAST]

Turn bad news into good with "what you can do better" advice from Chet and Duck.

Learn from: an XP zero-day, a spate of Bitcoin "bank robberies," the outcome of a European user security survey, and yet another cryptographic blunder, this time from Drupal.

GitHub users with weak passwords - you have been warned!

GitHub, one of the world's biggest online repositories of software source code, is warning users to jolly well shape up when it comes to login security.

Of course, GitHub isn't saying it quite like that (it is being more polite)...but we are!

SSCC 121 - WordPress, OS X, iCloud, smartphone tracking and medical devices [PODCAST]

sscc-121-thumb-250

By popular demand, the Chet Chat has gone back to a weekly format, so your favourite security podcast will now be appearing twice as frequently!

Listen to Chet and Duck in the latest episode...

Security essentials: What is two-factor authentication?

Security essentials: What is two-factor authentication?

It's National Cyber Security Awareness Month so we're going back to basics and looking at two-factor authentication.

Facebook privacy, Google security bug, Law Enforcement victories - 60 Sec Security [VIDEO]

2013-09-07-busted-350

Why did Facebook get into double trouble this week over privacy?

Find out the answer to this and more in just 60 seconds of entertaining and informative video!

Google coding glitch locks Apple iOS users out of on-line accounts

ga-logo-250

Google has once again found itself all over the IT news for a spot of bother with its security software.

A recent Google Authenticator update accidentally removed all your accounts...