Problems with Multifactor Authentication

Roger Grimes on why multifactor authentication isn’t a panacea: The first time I heard of this issue was from a Midwest CEO. His organization had been hit by ransomware to the tune of $10M. Operationally, they were still recovering nearly a year later. And,...

Textbook Rental Scam

Here’s a story of someone who, with three compatriots, rented textbooks from Amazon and then sold them instead of returning them. They used gift cards and prepaid credit cards to buy the books, so there was no available balance when Amazon tried to charge them...

How Coinbase Phishers Steal One-Time Passwords

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as...

What Happened to Facebook, Instagram, & WhatsApp?

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don’t yet know why this happened, but the how is clear: Earlier this morning, something inside Facebook caused the company to revoke key digital records that...

Friday Squid Blogging: Squid Game

Netflix has a new series called Squid Game, about people competing in a deadly game for money. It has nothing to do with actual squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog...

FCC Proposal Targets SIM Swapping, Port-Out Fraud

The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves hijack a target’s mobile phone number and use that to...