Krebs on Security

NOVEMBER 9, 2024

” Echoing the FBI’s warning, Donahue said far too many police departments in the United States and other countries have poor account security hygiene, and often do not enforce basic account security precautions — such as requiring phishing-resistant multifactor authentication.

Hacking 242

Hacking Accountability Government Social Engineering 242

Krebs on Security

NOVEMBER 1, 2024

Booking.com did not respond to questions about that, and its current account security advice urges customers to enable 2FA. In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware.

Phishing 225

Phishing Accountability Artificial Intelligence Cybercrime 225

Krebs on Security

OCTOBER 9, 2024

But as the mobile carriers seek to make their networks less hospitable to SIM-swappers , and as more financial platforms seek to harden user account security, today’s crypto thieves are finding they don’t need SIM-swaps to steal obscene amounts of cryptocurrency.

Cryptocurrency 248

Cryptocurrency Social Engineering Accountability Mobile 248

Krebs on Security

SEPTEMBER 22, 2023

Still, Palant and others impacted by the 2022 breach at LastPass say their account security settings were never forcibly upgraded. In February 2018, LastPass changed the default to 100,100 iterations. And very recently, it upped that again to 600,000. Palant called this latest action by LastPass a PR stunt.

Passwords 288

Passwords Encryption Password Management Cryptocurrency 288

Krebs on Security

NOVEMBER 6, 2018

Samy said a big challenge for mobile stores is balancing customer service with account security. “Ultimately, these attacks rely on the human element and the ability of an employee to override whatever security is in place.” Someone needs to light a fire under some folks to get these protections put in place.”

Mobile 241

Mobile Cryptocurrency Accountability Passwords 241