An anonymous reader quotes a report from MacRumors: Apple this week introduced a new service that’s designed to make it quick and easy for iCloud users to transfer their stored photos and videos to Google Photos. As outlined in an Apple support document, you can go to Apple’s privacy website and sign in to see the “Transfer a copy of your…
Tag: two-factor authentication
Authorities Arrest SIM Swapping Gang that Targeted Celebrities
Eight men were arrested across England and Scotland this week as part of a coordinated crackdown against a SIM swapping gang that has hijacked the identities and social media profiles of US celebrities. From a report: The UK National Crime Agency, which made the arrests on Tuesday, said the gang targeted well-known sports stars, musicians, and influencers, primarily located in the…
Ubiquiti Tells Customers To Change Passwords After Security Breach
An anonymous reader quotes a report from ZDNet: Networking equipment and IoT device vendor Ubiquiti Networks has sent out today notification emails to its customers informing them of a recent security breach. “We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” Ubiquiti said in emails today. The servers stored…
New Side-Channel Attack Can Recover Encryption Keys From Google Titan Security Keys
A duo of French security researchers has discovered a vulnerability impacting chips used inside Google Titan and YubiKey hardware security keys. From a report: The vulnerability allows threat actors to recover the primary encryption key used by the hardware security key to generate cryptographic tokens for two-factor authentication (2FA) operations. Once obtained, the two security researchers say the encryption key, an…
2FA Bypass Discovered In Web Hosting Software cPanel
An anonymous reader quotes a report from ZDNet: Security researchers have discovered a major security flaw in cPanel, a popular software suite used by web hosting companies to manage websites for their customers. The bug, discovered by security researchers from Digital Defense, allows attackers to bypass two-factor authentication (2FA) for cPanel accounts. These accounts are used by website owners to access…
Robinhood Estimates Hackers Infiltrated Almost 2,000 Accounts
An anonymous reader quotes a report from Bloomberg: Almost 2,000 Robinhood Markets accounts were compromised in a recent hacking spree that siphoned off customer funds, a sign that the attacks were more widespread than was previously known. A person with knowledge of an internal review, who asked not to be identified because the findings aren’t public, provided the estimated figure. When…
Twitter Orders Politicians, Journalists To Fortify Passwords Before Election
Twitter will require certain political candidates, elected officials and journalists to beef up their passwords, the company said Thursday, in an effort to head off any more breaches of high-profile accounts as the 2020 election draws near. From a report: The change comes two months after an embarrassing cyberattack in which hackers exploited Twitter employees’ credentials to wrest control of dozens…
‘Unusually Large Number’ of Breached Sendgrid Accounts Are Sending Spams and Scams
Krebs on Security reports:
Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrid’s parent company Twilio says it is working on a plan to require multi-factor authentication for all of its customers, but that solution may not come fast…
‘DiceKeys’ Creates a Master Password For Life With One Roll
Stuart Schechter, a computer scientist at the University of California, Berkeley, is launching DiceKeys, a simple kit for physically generating a single super-secure key that can serve as the basis for creating all the most important passwords in your life for years or even decades to come. Wired reports: With little more than a plastic contraption that looks a bit like…
Nintendo Now Says 300,000 Accounts Breached by Hackers
Nintendo has almost doubled the number of user accounts compromised by hackers in the past few months. From a report: The Japanese gaming giant originally said that 160,000 Nintendo accounts were compromised, exposing personal information like the account owner’s name, email address, date-of-birth and their country of residence. In an updated statement, the company said another 140,000 Nintendo accounts had been…