Latest Two-factor Authentication news

Google Workspace will require two admins to sign off on critical changes

Google announced today new cybersecurity defense controls that will allow security teams to thwart account takeover attempts and social engineering attacks targeting Workspace users.
- Sergiu Gatlan
- August 23, 2023
- 12:00 PM
- 1
PyPI announces mandatory use of 2FA for all software publishers

The Python Package Index (PyPI) has announced that it will require every account that manages a project on the platform to have two-factor authentication (2FA) turned on by the end of the year.
- Bill Toulas
- May 28, 2023
- 10:09 AM
- 0
Google will add End-to-End encryption to Google Authenticator

Google is bringing end-to-end encryption to Google Authenticator cloud backups after researchers warned users against synchronizing 2FA codes with their Google accounts.
- Lawrence Abrams
- April 26, 2023
- 05:11 PM
- 4
Google Authenticator now backs up your 2FA codes to the cloud

The Google Authenticator app has received a critical update for Android and iOS that allows users to back up their two-factor authentication one-time passwords (OTPs) to their Google Accounts and have multi-device support.
- Bill Toulas
- April 25, 2023
- 10:39 AM
- 5
GitHub makes 2FA mandatory next week for active developers

GitHub will start requiring active developers to enable two-factor authentication (2FA) on their accounts beginning next week, on March 13.
- Sergiu Gatlan
- March 09, 2023
- 12:00 PM
- 0
Hackers breach Reddit to steal source code and internal data

Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code.
- Lawrence Abrams
- February 09, 2023
- 05:04 PM
- 2
Apple iOS 16.3 arrives with support for hardware security keys

Apple released iOS 16.3 today with long-awaited support for hardware security keys to provide extra protection against phishing attacks and unauthorized access to your devices.
- Lawrence Abrams
- January 23, 2023
- 05:56 PM
- 0
Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges.
- Lawrence Abrams
- December 22, 2022
- 02:32 PM
- 14
GitHub to require all users to enable 2FA by the end of 2023

GitHub will require all users who contribute code on the platform to enable two-factor authentication (2FA) as an additional protection measure on their accounts by the end of 2023.
- Bill Toulas
- December 15, 2022
- 03:16 PM
- 4
Attackers bypass Coinbase and MetaMask 2FA via TeamViewer, fake support chat

A crypto-stealing phishing campaign is underway to bypass multi-factor authentication and gain access to accounts on Coinbase, MetaMask, Crypto.com, and KuCoin and steal cryptocurrency.
- Bill Toulas
- November 21, 2022
- 05:16 PM
- 2
Sponsored Content
Text message verification flaws in your Windows Active Directory

While text messaging-based MFA goes a long way toward protecting an org against compromised credentials, it also has vulnerabilities of its own. Orgs must look for ways around the flaws associated with test-based MFA by upgrading to multi-factor authentication. Learn more in this article from Specops Software.
- Sponsored by Specops
- October 18, 2022
- 10:06 AM
- 0
Hackers stealing GitHub accounts using fake CircleCI notifications

GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails that impersonate the CircleCI continuous integration and delivery platform.
- Bill Toulas
- September 22, 2022
- 09:40 AM
- 0
Okta one-time MFA passcodes exposed in Twilio cyberattack

The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to from customers of Okta identity and access management company.
- Ionut Ilascu
- August 28, 2022
- 01:15 PM
- 0
Android malware ‘Revive’ impersonates BBVA bank’s 2FA app

A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain.
- Bill Toulas
- June 27, 2022
- 02:30 PM
- 1
GitHub announces enhanced 2FA experience for npm accounts

Today, GitHub has launched a new public beta to notably improve the two-factor authentication (2FA) experience for all npm user accounts.
- Sergiu Gatlan
- May 10, 2022
- 03:48 PM
- 0
GitHub to require 2FA from active developers by the end of 2023

GitHub announced today that all users who contribute code on its platform (an estimated 83 million developers in total) will be required to enable two-factor authentication (2FA) on their accounts by the end of 2023.
- Sergiu Gatlan
- May 04, 2022
- 11:00 AM
- 3
American Express down in outage: users report login and payment issues

Yesterday, American Express users across the world including US, UK, and Europe, experienced widespread outages lasting hours, and some users continue to. BleepingComputer was able to briefly reproduce issues right before Amex confirmed partially restoring services.
- Ax Sharma
- April 02, 2022
- 03:55 AM
- 0
Google sees 50% security boost for 150M users after 2FA enroll

After accelerating its efforts to auto-enroll as many accounts as possible in two-factor authentication (2FA), Google announced that an additional 150 million users now have 2FA enabled.
- Sergiu Gatlan
- February 08, 2022
- 06:00 AM
- 0
MFA adoption pushes phishing actors to reverse-proxy solutions

The rising adoption of multi-factor authentication (MFA) for online accounts pushes phishing actors to use more sophisticated solutions to continue their malicious operations, most notably reverse-proxy tools.
- Bill Toulas
- February 03, 2022
- 09:42 AM
- 2
VK introduces 2FA and plans to make it mandatory in 2022

VK, Russia's most popular social media platform with 650 million users, is finally introducing two-factor authentication on all its services and plans to make it mandatory in February 2022 for administrators of large communities.
- Bill Toulas
- December 23, 2021
- 10:01 AM
- 0