Yahoo recently rolled out a new way for users to access their services without entering a password. Their new system uses a cellphone to authenticate the user. Instead of entering a password, the user receives a verification code via text message on their phone. (The user would have provided their phone number to Yahoo when setting…
Read MoreFor users who are not system administrators, the biggest impact of the Heartbleed vulnerability has been all the passwords that they have had to change. This, together with improvements in alternative authentication methods (like the fingerprint scanners now embedded in flagship smartphones), have caused some rather bold statements about passwords to be made. Passwords are out…
Read MorePhishing has evolved into a variety of forms. Phishers are always trying out new tricks to try to evade anti-phishing filters that are continually updated to recognize the latest phishing techniques. It thus seems strange for us to see this phishing attempt targeting users of two banking Web sites in North America: The first email…
Read More