A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes

The post Thunderbolt flaws open millions of PCs to physical hacking appeared first on WeLiveSecurity

WannaCryptor is still alive and kicking, so much so that it sits atop the list of the most commonly detected ransomware families

The post WannaCryptor remains a global threat three years on appeared first on WeLiveSecurity

Hot on the heels of his research into an attack that attempted to take down ESET’s website, Lukas Stefanko sheds more light on threats posed by mobile botnets

The post Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet appeared first on WeLiveSecurity

Eleven companies, ranging from online marketplaces to news websites, have had their user databases poached

The post Over 160 million user records put up for sale on the dark web appeared first on WeLiveSecurity

After being targeted by an Android DDoS app, ESET seized the opportunity to analyze the attack and to help put an end to it

The post Breaking news? App promises news feeds, brings DDoS attacks instead appeared first on WeLiveSecurity

COVID-19 and digital transformation – How personal data ends up in spam feeds – Common password mistakes and what to do instead

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

As you rush to buy something for your mom, con artists will be trying to make a dent in your wallet. Here are some common types of fraud to look out for not only this Mother’s Day.

The post Scams to watch out for not just this Mother’s Day appeared first on WeLiveSecurity


Today is World Password Day, and we found it fitting to release an update that’ll make it even easier for users to manage Google Authenticator 2-Step Verification (2SV) codes across multiple devices. We are introducing one of the most anticipated features – allowing users to transfer their 2SV secrets, the data used to generate 2SV codes across devices that have Google Authenticator installed. For instance, when upgrading from an old phone to a new phone. This feature has started rolling out and is available in the latest version (5.10) of Google Authenticator on Android.

Transferring accounts from one device to another with Google Authenticator

Using 2SV, 2-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) is critical to protecting your accounts from unauthorized access. With these mechanisms, users verify their identity through their password and an additional proof of identity, such as a security key or a passcode.

Google Authenticator makes it easy to use 2SV on accounts. In addition to supplying only a password when logging in, a user also enters a code generated by the Google Authenticator app on their phone. This is a safer alternative, used by millions of users, compared to passcodes via text message.

Users place their trust in Google Authenticator to keep their accounts safe. As a result, security is always a high priority. We made several explicit design decisions to minimize the attack surface while increasing the overall usability of the app. 

  • We ensured that no data is sent to Google’s servers during the transfer — communication is directly between your two devices. Your 2SV secrets can’t be accessed without having physical access to your phone and the ability to unlock it.
  • We implemented a variety of alerting mechanisms and in-app logs to make sure users are aware when the transfer function has been used.

You can find more information about the Google Authenticator and its usage guide here.

The pandemic has highlighted the need for businesses to act with alacrity and prepare for the long haul – and to do so with cybersecurity in mind

The post Digital transformation could be accelerated by COVID‑19 appeared first on WeLiveSecurity

Password recycling or using easy-to-guess passwords are just two common mistakes you may be making when protecting your digital accounts

The post 5 common password mistakes you should avoid appeared first on WeLiveSecurity