News

  • Recent ‘MFA Bombing’ Attacks Targeting Apple Users

    Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to…

    Read More

  • Avoid Making Costly Mistakes with Your Mobile Payment Apps

    There used to be a time when one roommate split the cost of rent with another by writing a check. Who still owns a checkbook these days? Of course, those days are nearly long gone, in large part thanks to “peer to peer” (P2P) mobile payment apps, like Venmo, Zelle, or Cash App. Now with a simple click on an app, you can transfer your friend money for brunch before you even…

    Read More

  • Quizzes and Other Identity Theft Schemes to Avoid on Social Media

    Before you take the fun-looking quiz that popped up in your social media feed, think twice. The person holding the answers may be a hacker.  Where people go, hackers are sure to follow. So it’s no surprise hackers have set up shop on social media. This has been the case for years, yet now social media-based crime is on the rise.…

    Read More

  • Portugal Forces Sam Altman’s Worldcoin to Stop Collecting Biometric Data

    The cryptocurrency-powered iris-scanning project led by OpenAI CEO Sam Altman must halt collecting data for 90 days in Portugal Read More

    Read More

  • On Secure Voting Systems

    Andrew Appel shepherded a public comment—signed by twenty election cybersecurity experts, including myself—on best practices for ballot marking devices and vote tabulation. It was written for the Pennsylvania legislature, but it’s general in nature. From the executive summary: We believe that no system is perfect, with each having trade-offs. Hand-marked and hand-counted ballots remove the…

    Read More

  • US Targets Crypto Firms Aiding Russia Sanctions Evasion

    The US Treasury has designated several Russian blockchain and virtual currency firms for sanctions evasion Read More

    Read More

  • CISA and FBI Urge Renewed Effort to Eliminate SQL Injection Flaws

    The US government wants developers to get serious about tackling SQL injection bugs Read More

    Read More

  • The Growing Importance of CAASM in Company Cybersecurity Strategy

    The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The recent years’ events, including the proliferation of ransomware, the pandemic, and political tensions, have fast-tracked the development of both offensive and defensive…

    Read More

  • AI and Trust

    Watch the Video on YouTube.com A 15-minute talk by Bruce Schneier. Read More

    Read More

  • New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns

    Discovered by Sekoia in 2023, the kit is associated with Adversary-in-The-Middle (AiTM) attacks Read More

    Read More