“Thanks to Tommy Mysk and Talal Haj Bakry of @mysk_co for the impetus and information behind this article. The duo describe themselves as “two iOS developers and occasional security researchers on two continents.”
How to protect yourself from a SIM-swap attack
“Imagine that you’re sitting at the dinner table, and your phone suddenly comes alive with debit alert after debit alert. You can see the transactions pouring in, and your account balance trickling away, but can do nothing about it.”
Microsoft urges users to stop using phone-based multi-factor authentication
“Microsoft is urging users to abandon telephone-based multi-factor authentication (MFA) solutions like one-time codes sent via SMS and voice calls and instead replace them with newer MFA technologies, like app-based authenticators and security keys.”
BitLocker hacked? Disk encryption – and why you still need it [VIDEO]
“That has led to us getting asked, “Is BitLocker cracked? Is disk encryption still worth it?” The answers are “No” and “Yes”, and this week’s Naked Security Live video explains why.”
PSA: Don’t give out your phone number for Facebook 2FA, use an app instead
“It’s no secret that Facebook doesn’t respect your privacy in the least: we learned last October that the company used the phone number you provided for two-factor authentication to enable advertisers to target you.”
New tool automates phishing attacks that bypass 2FA
“A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA).”