ICT Security-Sécurité PC et Internet
ICT Security + Privacy + Piracy + Data Protection - Censorship - Free courses and information on "PC and Internet Security" for non-commercial use... (FR, EN+DE)...
Curated by Gust MEES

Security: Security researchers warn about Google's new 2FA feature

Google's Authenticator now offers synchronization of 2FA secrets, but without E2E encryption, security researchers warn.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 


Facebook data on 533 million users posted online |  #CyberSecurity #DataBreaches #2FA #SocialMedia


Data of 553 million Facebook users including phone numbers, Facebook IDs, full names, birth dates and other information have been posted online.

The data dump was Tweeted by Alon Gal, CTO of security firm Hudson Rock. Gal posted a list of affected users by country. According to his list, the US had 32.3 million affected users and UK had 11.5 million. The data was accessed via a Telegram bot.

Other data points in the posting included gender, location and job status. Catalin Cimpanu, at The Record, also reported that he reviewed samples of the leaked data.

The data is reportedly broken up into download packages by country.

With the Facebook data out in the public it's safe to expect it to be used for cybercrime.  

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 


Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords | #CyberSecurity


A new Android malware strain has been uncovered, part of the Rampant Kitten threat group’s widespread surveillance campaign that targets Telegram credentials and more.

Researchers have uncovered a threat group launching surveillance campaigns that target victims’ personal device data, browser credentials and Telegram messaging application files. One notable tool in the group’s arsenal is an Android malware that collects all two-factor authentication (2FA) security codes sent to devices, sniffs out Telegram credentials and launches Google account phishing attacks.

Researchers found the threat group, dubbed Rampant Kitten, has targeted Iranian entities with surveillance campaigns for at least six years. It specifically targets Iranian minorities and anti-regime organizations, including the Association of Families of Camp Ashraf and Liberty Residents (AFALR); and the Azerbaijan National Resistance Organization.

The threat group has relied on a wide array of tools for carrying out their attacks, including four Windows info-stealer variants used for pilfering Telegram and KeePass account information; phishing pages that impersonate Telegram to steal passwords; and the aforementioned Android backdoor that extracts 2FA codes from SMS messages and records the phone’s voice surroundings.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 


Hackers bypassing some types of 2FA security, FBI warns

Some types of two-factor authentication (2FA) security can no longer be guaranteed to keep the bad guys out, the FBI is reported to have warned US companies in a briefing note circulated last month.

FBI reporting identified several methods cyber actors use to circumvent popular multi-factor authentication techniques in order to obtain the one-time passcode and access protected accounts.

The simplest and therefore most popular bypass is SIM swap fraud, in which the attacker convinces a mobile network (or bribes an employee) to port a target’s mobile number, allowing them to receive 2FA security codes sent via SMS text.

Naked Security now regularly covers this kind of hack, almost always because it was used to empty people’s bank accounts, steal cryptocurrency from wallets or exchange accounts, or to attack services such as PayPal.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

 


Hacker spoofing bypasses 2FA security in Gmail, targets secure email services | #CyberSecurity


A new wave of attacks is targeting Google and Yahoo accounts in order to bypass two-factor authentication as well as compromise users of secure email services, researchers have warned.

On Wednesday, a new report published by non-profit Amnesty International gave us a glimpse into the inner workings of recent phishing campaigns which are using a variety of techniques to infiltrate user accounts across the Middle East and North Africa.

Within the report, the researchers say that several campaigns are underway, likely conducted by the same threat group in order to target Human Rights Defenders (HRDs).

The first campaign involves hundreds of Google and Yahoo accounts being targeted, resulting in the "successful bypass of common forms of two-factor authentication (2FA)."

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 


How the banking Trojans circumvent two-factor authentication | CyberSecurity #MobileSecurity #Awareness 

Two-factor authentication involving SMS, while used by most banks for quite some time, is not unbeatable.

Hackers have begun adapting to wider use of multi-factor authentication | #CyberSecurity #2FA #MFA #NobodyIsPerfect 


Proofpoint researchers have found that “phish kits” available for purchase online are beginning to adapt to MFA by adding transparent reverse proxies to their list of tools.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 


SMS hijacking: two-factor protection trivially defeated | #MobileSecurity #2FA

With minimal effort, a researcher hijacked SMS messages containing one-time passwords. In Germany, however, this should not work that way.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

 

 


Twitter says an attacker used its API to match usernames to phone numbers | #CyberSecurity #SocialMedia #2FA 


In a statement published today, Twitter disclosed a security incident during which third-parties exploited the company's official API (Application Programming Interface) to match phone numbers with Twitter usernames.

In an email seeking clarifications about the incident, Twitter told ZDNet that they became aware of exploitation attempts against this API feature on December 24, 2019, following a report from tech news site TechCrunch. The report detailed the efforts of a security researcher who abused a Twitter API feature to match 17 million phone numbers to public usernames.

Twitter says that following this report it intervened and immediately suspended a large network of fake accounts that had been used to query its API and match phone numbers to Twitter usernames.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Twitter

 

 


German banks to stop using SMS to deliver second authentication/verification factor | #CyberSecurity #MobileSecurity 


According to German business news outfit Handelsblatt, a number of banks – whether private, co-operative or public – have either stopped offering the option or are planning to remove it by the end of the year. Among these are Postbank, Berliner Sparkasse, Consorsbank, and others.

The reasons are mostly due to security and regulation compliance

Since a lot of people do their online banking via their mobile/smart phones, hackers need to compromise only this device to get all the information needed to perform a fraudulent transaction. Users can also have their online banking credentials compromised and be targeted with fake text messages purportedly coming from the bank.

It’s also becoming common for attackers to perform SIM swapping to impersonate the target’s phone and validate the fraudulent transaction. And, finally, there have been instances of criminals exploiting long-known security vulnerabilities in the SS7 protocols to bypass German banks’ two-factor authentication and drain their customers’ bank accounts.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 


Hackers can take over any Facebook account with a mobile number | #SocialMedia #CyberCrime #CyberSecurity

Security researchers claim to have discovered how to hack any Facebook account that has a mobile number on file.

 
