CSO Online

Security experts caution MFA alone can no longer stop threat actors

Current campaigns are allowing even novice attackers to scoop up authentication tokens with increasing frequency, bypassing ...

Apple shares iPhone and Mac post-quantum cryptography code on GitHub

Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.
The Hacker News

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You

MFA prompt bombing enabled Cisco attackers to steal 2.8GB in 2022, exposing push MFA weaknesses and account takeover risks.

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass ...

How Apple turned to math to defend against next-gen attacks on encryption

Apple says testing missed flaws in new encryption designed to protect against future attacks from quantum computers, so it ...
Lifehacker

Microsoft Is Eliminating SMS Codes for Two-Factor Authentication

Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of ...