A quick Saturday digest of cybersecurity news articles from other sources.
Apple shows how work-from-home is here to stay
Workers are increasingly making it clear they will not be forced back into the office. Just ask Apple.
How Apple, Google, and Microsoft will kill passwords and phishing in one stroke
You’ve heard for years that easier, more secure logins are imminent. That day is here.
For more than a decade, we’ve been promised that a world without passwords is just around the corner, and yet year after year, this security nirvana proves out of reach. Now, for the first time, a workable form of passwordless authentication is about to become available to the masses in the form of a standard adopted by Apple, Google, and Microsoft that allows for cross-platform and cross-service passkeys. More…
He cracked passwords for a living – now he’s serving 4 years in prison
Crooks don’t need a password for every user on your network to break in and wreak havoc. One could be enough…
How password fatigue can cost organizations time, money and mental energy
On average, companies lose $480 worth of productivity per employee per year due to the time spent dealing with password problems, says Beyond Identity.
Wave of Crypto Muggings Hits London’s Financial District
Criminals in London are targeting digital currency investors on the street in a wave of “crypto muggings,” with victims reporting that thousands of pounds were stolen from their crypto wallets after their mobile phones had been forcibly taken.
City of London police provided The Guardian with several crime reports detailing how thieves have been able to take cryptocurrency by using both physical muscle and digital prowess. Here are a few examples of the incidents from those reports according to The Guardian:
- A victim ordering an Uber near Liverpool Street station had muggers forced them to hand over their phone. He ended up getting the phone back, but by then the damage had been done. While the gang eventually gave the phone back, £5,000-worth of ethereum digital currency was missing from their Coinbase account.
- A man was approached by a group of people offering to sell him cocaine and he willingly went down an alley with them to do the deal. The men said they were typing a number into his phone but in reality they went to his cryptocurrency account, and forcibly made him unlock the app with facial verification. They transferred £6,000-worth of ripple, another digital currency, out of his account.
- A third victim said he was vomiting under a bridge when a mugger forced him to unlock his phone using a fingerprint, then changed his security settings and stole £28,700, including cryptocurrency.
- In another case, a victim was using his phone in the pub and believes thieves saw him enter his account pin. His cards and phone were pickpocketed that evening, with £10,000 later stolen from his Crypto.com account.
- A student in Kent claimed last year that eight people stormed his university accommodation and forced him to transfer £68,000 of bitcoin at knifepoint.
- Later that year, the American technology entrepreneur Zaryn Dentzel told police he had been attacked at home in Madrid by masked thieves. He said they tortured him with a knife and stun gun before disappearing with millions of euros in bitcoin.
CONTINUED at the KnowBe4 Blog:
https://blog.knowbe4.com/wave-of-crypto-muggings-hits-londons-financial-district
MAY
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com