Account security | Breaking Cybersecurity News | The Hacker News

A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster codenamed CryptoChameleon that's designed to primarily target mobile devices. "This kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs, and even photo IDs from hundreds of victims, mostly in the United States," Lookout  said  in a report. Targets of the phishing kit include employees of the Federal Communications Commission (FCC), Binance, Coinbase, and cryptocurrency users of various platforms like Binance, Coinbase, Gemini, Kraken, ShakePay, Caleb & Brown, and Trezor. More than 100 victims have been successfully phished to date. The phishing pages are designed such that the fake login screen is displayed only after the victim completes a CAPTCHA test using hCaptcha, thus preventing automa

My usual bed routine is to check comments under my articles before I go to sleep. The same I was doing last night, but something weird happened to me. Someone posted a mysterious short link without any text below one of my articles on our  official 'The Hacker News' Facebook Page , and with the curiosity to check that link I visited that website. And what I saw… One by one my every single account I logged in into my web browser got automatically logged out just in few seconds in front of my eyes. This is exactly what Super Logout does. Log Out All Your Accounts in Just One Click Yes, Super Logout – a website that logs you out of over 30 major Internet services just in one click. You can visit 'Super Logout' here . ( Note : Once clicked, this will log you out instantly from all your online accounts and don't worry it is neither harmful, nor malicious ) This is a great tool for people who: Usually visit Internet Cafes for surfing In

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Google is taking its users' privacy very serious and making every possible effort for its users just to make them feel secure when they are online. Today, the tech giant has announced its enhanced two-step verification service that is based on a physical USB key, adding yet another layer of security to protect its users from hackers and other forms of online theft. SECURITY KEY- 2 STEP VERIFICATION USING USB DRIVES The "Security Key" feature will currently work on Chrome and will be free for Google users, but the company also notes that the Security Key is supporting the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, which will allow users to log in to Google Accounts by inserting a USB device into their systems. By letting users protect their accounts using two-factor authentication based on physical USB keys, it will be no longer any compulsion for you to type in the six-digit authentication code in Google's Gmail or your Google Acco

Does a Strong Password Guarantee you the Security of your Online Account? If yes, then you should once check out our ' Data breaches ' section on the website. A Startup Company,  SlickLogin  has developed a technology that enables you to login into online accounts using Ultrasonic sound, instead of entering username and password on your. The company claims its technology offers " military-grade security " that replaces passwords in the two-step process simply by placing your Phone next to their laptop or tablet. When you sign-in via SlickLogin enabled website, the computer will play a sound which is encrypted into Ultrasonic Sound, inaudible to the human ear, but your Smartphone can hear it. The Smartphone Sends data back to the SlickLogin Servers for authentication and grants immediate access. Each sound is different, unique and cannot be reused to hack an account. Recently, Google has acquired this two month old Israeli Startup, " Today