Krebs on Security

Owners of 1-Time Passcode Theft Service Plead Guilty

Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes ...
Computerworld

SHA-1 flaw seen as no risk to one-time password proposal

The vulnerability in the SHA-1 one-way hash function, which recently rocked the cryptographic world, is not seen as a threat to a new generation of one-time password products based on the encryption ...
Bleeping Computer

Banks in Singapore to phase out one-time passwords in 3 months

Hear from top experts and see how AI-powered BAS is transforming breach and attack simulation. Don't miss the event that will shape the future of your security strategy Register Now Akira ransomware ...
Ars Technica

Why MFA is getting easier to bypass and what to do about it

An entire cottage industry has formed around phishing attacks that bypass some of the most common forms of multifactor authentication (MFA) and allow even non-technical users to quickly create sites ...
PC Magazine

Details on 89M Steam Accounts Leaked, Valve Says Systems Not Breached

Valve says the leak features phone numbers that previously received a one-time passcode, but they're not associated with a Steam account, password, or other personal data. With over a decade of ...
Lifehacker

How to Spot Malicious Two-Factor Authentication Prompts

With hackers looking for any way they can to gain access to your personal information via every form of phishing scheme, it's critical to take every precaution to protect your data. Multi-factor (MFA) ...