The Year Targeted Phishing Went Mainstream

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 s...

Continue reading
0 Comments
Tags:
@SecGuru_OTX A Little Sunshine Ashley Madison hack Dashlane exploit kit geo-ip Keepass lastpass LinkedIn breach phishing sextortion The Coming Storm typosquatting

Google: Security Keys Neutralized Employee Phishing

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. A YubiKey Security Key made by Yubico....

Continue reading
0 Comments
Tags:
2FA chrome Dashlane Dropbox Duo Security Edge Facebook FIDO Alliance firefox Firefox Quantum GitHub Google Advanced Protection Keepass lastpass microsoft opera safari Security Keys Security Tools U2F Web Authentication API WebAuthn World Wide Web Consortium Yubikey

logo color

Quick Links

Resources