multi-factor authentication (MFA) Archives

Russian President Vladimir Putin delivers a speech standing in front of the monument “Fatherland, Valor, Honor” outside of the Foreign Intelligence Service of the Russian Federation (SVR) in Moscow on June 30, 2022. (Photo by Mikhail Metzel / Sputnik / AFP) (Photo by MIKHAIL METZEL/Sputnik/AFP via Getty Images)

Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers

They weren’t in any hurry, according to Citizen Lab, and used an interesting attack vector. Google Threat Intelligence Group also provided details on the attacks.

Jun 18, 2025 By Tim Starks

Here’s what Google is (and isn’t) planning with SMS account verification

The company wants its users to move away from using SMS in two-step verification.

Feb 27, 2025 By Greg Otto

The guidance is meant for high-value political and federal targets. (Getty Images)

CISA pushes guide for high-value targets to secure mobile devices

The guide comes as the government continues to deal with the fallout of the Salt Typhoon hack.

Dec 18, 2024 By Greg Otto

An Egyptian Fisherman holds a fishing net on the waters of the Pharaonic Sea in the village of Kafr Fisha, province of Monufia, in 2019. (MOHAMED EL-SHAHED/AFP via Getty Images)

Microsoft seizes websites tied to Egypt-based DIY phishing kit-maker

The kits, which the company said were a sophisticated approach to bypassing multifactor authentication, pose a particular threat to the financial services sector.

Nov 21, 2024 By Tim Starks

Federal CISO Mike Duffy speaks during CyberTalks in Washington, D.C., on Oct. 30, 2024. (Scoop News Group photo)

Threat awareness, cloud security, quantum computing among chief agency cyber policy priorities ahead

The interim Federal Chief Information Security Officer spelled out some 2025 agenda items for feds at CyberTalks.

Oct 30, 2024 By Tim Starks

Shelly Hartsook, acting associate director of CISA’s Cybersecurity Division, speaks during CyberTalks in Washington, D.C., on Oct. 30, 2024. (Scoop News Group photo)

Agencies face ‘inflection point’ ahead of looming zero-trust deadline, CISA official says

Shelly Hartsook said she’s seen promising data on implementation of security protocols ahead of next week’s due date for agencies to submit updated plans.

Oct 30, 2024 By Matt Bracken

CISA sees elimination of ‘bad practices’ as next secure-by-design step

Officials at the cyber agency are doubling down on shifting the security onus to software makers.

Oct 28, 2024 By Matt Bracken

Iranian hackers are going after critical infrastructure sector passwords, agencies caution

An international advisory says that the purpose of the “brute force” attacks is to sell the info to cybercrime forums.

Oct 16, 2024 By Tim Starks

WordPress.org to require two-factor authentication for plugin developers

The requirement begins Oct. 1. and would apply to plugin and theme authors.

Sep 11, 2024 By Christian Vasquez

Credit cards and dollar bills. a blue plastic bank card is lying on a pile of American dollars. ( Diy13/Getty Images)

Moroccan cybercrime group impersonates nonprofits and abuses cloud services to rake in gift card cash

Microsoft researchers say the group, tracked as Storm-0539 or Atlas Lion, targets employees with major U.S. retailers who control gift card operations.

May 23, 2024 By AJ Vicens