Malware sidesteps Google permissions policy with new 2FA bypass technique

ESET analysis uncovers a novel technique bypassing SMS-based two-factor authentication while circumventing Google’s recent SMS permissions restrictions. When Google restricted the use of SMS and Call Log permissions in Android apps in March 2019, one of the positive effects was that credential-stealing apps lost the option to abuse these permissions for bypassing SMS-based two-factor authentication (2FA) mechanisms. … More Malware sidesteps Google permissions policy with new 2FA bypass technique

Your Android phone can now double as a security key

An extra layer of security never hurt anybody, and now you can turn your phone into a physical security key. Google has announced that any smartphone running Android 7.0 (Nougat) or later can now be used as a hardware security key for two-factor authentication (2FA). Available in beta at the moment, the new feature is intended … More Your Android phone can now double as a security key

SMBs – secure your passwords to secure your business

Employ 2FA, an easy to implement tool that fast tracks to improved security. Twelve months ago, you launched a business. Considering the odds that 30% of new businesses fail in that period, you can be proud that you are still afloat and “only” facing improvements to your company’s cybersecurity. Now, the cybersecurity marketplace features a … More SMBs – secure your passwords to secure your business

Former employee blamed for hack of WordPress plugin maker

The plugin’s users are recommended to change their passwords on WPML’s website following havoc reportedly wrought by a disgruntled ex-employee. The company behind the widely-used WordPress plugin WPML has been through a tumultuous few days after many of its customers received an email this past weekend that purported to warn them about “a bunch of … More Former employee blamed for hack of WordPress plugin maker