X is urging users with security keys for two-factor authentication to re-enroll their keys by November 10, 2025, to avoid account lockouts and to facilitate the transition from the twitter.com domain to x.com. Re-enrollment is required only for security key users, not those using other 2FA methods.
Researchers have uncovered 'Pixnapping,' a new attack on Android devices that allows malicious apps to steal sensitive information, including 2FA codes, by exploiting GPU side channels and rendering timing attacks. Although Google has issued patches, the vulnerability remains partially mitigated, and the attack has been demonstrated on multiple devices, highlighting ongoing privacy risks in Android's graphics rendering processes.
Several top password managers, including 1Password, Bitwarden, and LastPass, have been found vulnerable to a clickjacking flaw that allows hackers to steal login credentials, 2FA codes, and credit card information by overlaying invisible HTML elements, with all tested managers susceptible to at least one attack method. Users are advised to update their software and disable autofill until patches are released.
Proton has launched a new open-source two-factor authentication app called Proton Authenticator, aiming to provide a privacy-focused alternative to Google and Microsoft’s tools. It offers secure, offline-capable code generation, cross-device sync, and data backup, emphasizing user control and transparency. The app is free and available across multiple platforms, marking Proton's entry into the 2FA market alongside its existing privacy tools.
Proton has launched Proton Authenticator, a free, open-source two-factor authentication app that offers encrypted backup and cross-device sync, enhancing security and privacy for users across all major platforms.
The FBI has issued a warning urging Windows and Linux users to immediately enable two-factor authentication (2FA) to protect against the rising Interlock ransomware threat, which employs tactics like drive-by downloads and social engineering to breach systems. The agency provides detailed mitigation strategies, emphasizing the importance of 2FA, system updates, network segmentation, and having a recovery plan in place.
Google has confirmed a significant attack on Gmail users, emphasizing the urgent need for account upgrades, particularly adopting passkeys over traditional passwords and 2FA, to enhance security amid ongoing data breaches and leaks.
Google has confirmed that most users need to upgrade their account security, emphasizing the adoption of passkeys over traditional passwords and 2FA, especially after recent account compromises. Passkeys offer a phishing-resistant, hardware-linked login method that simplifies security across Google services and beyond, addressing vulnerabilities associated with SMS-based 2FA and password theft.
Google warns users to change their passwords immediately following a massive breach exposing billions of logins, and recommends enabling two-factor authentication or switching to passkeys, which are more secure and resistant to phishing.
With increasing cyber attacks targeting Gmail users, including methods to bypass two-factor authentication (2FA), it's recommended to open a second Gmail account as a backup to mitigate potential data loss. While this doesn't prevent attacks, it ensures important emails are preserved. Users are also advised to enroll in Google's Advanced Protection Program for enhanced security and regularly use Google's security checkup tool to safeguard their accounts.
With increasing cyber attacks targeting Gmail users, including methods to bypass two-factor authentication (2FA), it's recommended to open a second Gmail account as a backup to mitigate potential data loss. This secondary account can store forwarded emails from the primary account, providing a safeguard if the main account is compromised. Additionally, enrolling in Google's Advanced Protection Program can enhance security by adding layers of protection against phishing and unauthorized access.
Despite having 2FA enabled, some Gmail and YouTube users are reporting compromised accounts, with hackers changing passwords and recovery details. This is linked to a scam promising free XRP cryptocurrency, with cybercriminals using phishing emails and deepfake videos to trick users. The scammers bypass 2FA security by directing victims to cookie theft malware designed to steal session cookies, allowing them to masquerade as legitimate users. Google acknowledges the issue and advises users to set up additional security measures, while also offering a seven-day window for account recovery after changes.
Hackers are targeting Gmail and YouTube accounts, bypassing two-factor authentication (2FA) security and locking users out, often in connection with cryptocurrency scams. The attackers use session cookie hijack attacks to bypass 2FA, and Google recommends users set up recovery factors and utilize security tools like passkeys and Security Checkup. Additionally, YouTube users, particularly gamers, are being targeted with information-stealing malware distributed through compromised accounts, posing a significant threat to the gaming community.
Hackers are targeting Gmail and YouTube accounts, bypassing 2FA security and locking users out, often in connection with cryptocurrency scams involving Ripple's XRP. The attackers use session cookie hijack attacks to bypass 2FA, and Google recommends users set up recovery factors and use security tools like passkeys and Security Checkup. Additionally, YouTube users, especially gamers, are being targeted with information-stealing malware distributed through compromised accounts, posing a significant threat to the gaming community.
A new phishing kit called Tycoon 2FA is being used in "thousands" of attacks, with the ability to bypass two-factor authentication (2FA) and evade security analysts. The kit has seen significant upgrades, making it harder to detect and analyze, and allowing attackers to intercept victim input and steal session cookies and 2FA codes. Despite the effectiveness of multi-factor authentication (MFA), threat actors are finding ways to work around it, posing a significant challenge to email and account security.