two factor authentication | Breaking Cybersecurity News | The Hacker News

Google has found an excellent idea to celebrate Safer Internet Day . The search engine giant is offering a nice perk for its users who complete a quick Security Checkup by February 17th. No doubt, its willing to bribe us, , but you probably should review your security settings anyway, and I loved the idea. Now, what's the perk?? Google is providing you 2GB of extra space in your Google Drive account and there's an easy way to fetch the offer. You just have to check your account security, and for that, simply follow the steps given below: In the next week, head to Google's security checkup page Then, follow some simple instructions given on the page Under the Security Checkup process, a user will go through simple confirmations, like: Your backup email address Ensures your account recovery information is current Lets you review recent sign-in activity Confirms the list of apps that access your account information. The process will hardly take 5 minutes or so t

A critical cross-site scripting ( XSS ) vulnerability in the Google Apps administrator console allowed cyber criminals to force a Google Apps admins to execute just about any request on the https://admin.google.com/ domain. The Google Apps admin console allows administrators to manage their organization's account. Administrators can use the console to add new users, configure permissions, manage security settings and enable Google services for your domain. The feature is primarily used by many businesses, especially those using Gmail as the e-mail service for their domain. The XSS flaw allowed attackers to force the admin to do the following actions: Creating new users with "super admin" rights Disabling two-factor authentication ( 2FA ) and other security measures from existing accounts or from multiple domains Modifying domain settings so that all incoming e-mails are redirected to addresses controlled by the attacker Hijack an account/email by resett

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

In the wake of the biggest digital exposure of personal nude selfies belonging to as many as 100 high-profile celebrities, Apple said the company plans to add extra security measures to keep hackers out of user accounts. Not just this, the company also plans to extend its two-factor authentication (2FA) feature to account logins to the iCloud service from mobile device in order to avoid future intrusions. APPLE BROADEN SECURITY WITH NEW RELEASE The company's chief executive, Tim Cook told the Wall Street Journal in an interview that the company will introduce more features to tighten up the security of its users' online accounts, but he " aggressively encourage " users to be more alert to the risks posed by cyber criminals, as you can't leave everything on the service providers. " We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are, " Cook told the Journal. Apple will give alerts to users via emails a

The popular social media site Twitter is rolling out a couple of new features to its login process to help users prevent their account in a more secure way and restore access to their account if they forget their accounts' password. For tighten up the security measures Twitter is launching two factor authentication in its new password reset experience, making its users to reset their password in easier way and at the same time difficult for cybercriminals to log in to users' accounts. " The new process lets you choose the email address or phone number associated with your account where you'd like us to send your reset information. That way, whether you've recently changed your phone number, or are traveling with limited access to your devices, or had an old email address connected to your Twitter account, you've got options ," Twitter said in a blogpost on Thursday. RESET TWITTER PASSWORD WITH SMS This new experience will let Twitter users to

iBanking is nothing but a mobile banking Trojan app which impersonates itself as a so-called ' Security App ' for Android devices and distributed through HTML injection attacks on banking sites, in order to deceive its victims. Recently, its source code has been leaked online through an underground forum that gave the opportunities to a larger number of cyber criminals to launch attacks using this kind of ready-made mobile malware. The malicious iBanking app installed on victims' phone has capabilities to spy on user's communications. The bot allows an attacker to spoof SMS, redirect calls to any pre-defined phone number, capture audio using the device's microphone and steal other confidential data like call history log and the phone book contacts. According to new report from ESET security researchers, now this iBanking Trojan ( Android/Spy.Agent.AF ) is targeting Facebook users by tricking them to download a malware application. The malware uses

Code repository GitHub  offers two-factor authentication to beef up security around its users' accounts. Github is a coding repository where developers used to build their projects projects that may turn out to be valued knowledgeable assets. Two-Factor Authentication adds another layer of authentication to the login process, Now users have to enter their username and password, and a secret code in the second step, to complete the sign in. If a hacker manages to steal a user's credentials through phishing or trojans, cannot do anything, as they do need a second key to enter. " We strongly urge you to turn on 2FA for the safety of your account, not only on GitHub, but on other websites that support it, " the company says . This two-factor authentication for Githu can be turned on in your account settings. GitHub hit 3.5 million users' landmark along with 6 million repositories deposited on its 5th anniversary in April. Two-factor authentication can protect you

Google being one of the top web based service provider, has huge number of Internet users availing the free and paid services for their day-to-day personal and/or professional needs. Many of them have configured their mobile phone number for their account password recovery options. Certainly, when comes the mobility, many of these users prefer Google's android based smart phones and tablets to access these services anytime, anywhere. In case of issues in accessing GMAIL services, user is been provided with the option to reset the account password by simply asking Google to send a verification code on the pre-registered mobile number. On the other hand, Android (mobile operating system from Google) based devices are bundled with security features to keep the privacy of user data/information intact. The user can opt to set the security level from none to Password (High), this ensures that, to access the mobile device and information within it, the user needs to pass through

Q-CERT team found a critical vulnerability that allows the attacker to bypass the two-factor authentication in the most popular file sharing service ' DropBox '. Two Factor Authentication is an extra layer of security that is known as " multi factor authentication " that requires not only a password and username but also a unique code that only user can get via SMS or Call. Zouheir Abdallah demonstrated , if an attacker already knows the username and password of the victim's Dropbox account, which is protected by two-factor authentication, it is still possible to hack that Dropbox account using following explained technique. DropBox does not verify the authenticity of the email addresses used to Sign up a new account, so to exploit this flaw hacker just need to create a new fake account similar to the target's account and append a dot (.) anywhere in the email address. In Next step, enable 2-factor authentication for the fake account, and save the emerg