Mobile Carrier Customer Service Ushers in SIM-Swap Fraud

It’s pretty ridiculous that you can do everything right to protect your account, but you cell carrier can’t ensure their staff are trained well enough to avoid social engineering. Or maybe they need to pay them enough so they’re not as open to bribes.

Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts. Mobile carriers have left the door wide open to SIM-swap attacks, particularly when it comes to prepaid accounts, researchers have found.

Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency

Yikes! This is a problem that could only get worse. I can’t see changes to BGP happening any time soon.

Amazon lost control of a small portion of its cloud services for two hours on Tuesday morning when hackers exploited a known Internet-protocol weakness that allowed them to redirect traffic to rogue destinations.

Read the full article at arstechnica.com.

OMG! WiFi has been hacked! The World is Ending!

Sorry for the drama, but I needed to get your attention. Over the next several days (likely starting today), you’re going to hear breathless stories from all sorts of media outlets (newspapers, cable news, Twitter, etc.) saying that most WiFi connections can easily be hacked.

DON’T PANIC.*

Researchers have found a flaw that could allow hacking of the most-used type of WiFi. But, they don’t believe hackers are using this technique yet. Also, most people should think about how likely it is that someone would try to hack their home WiFi. Read more

Do You Two-Step?

Oh the joy of being online – more than 1 billion Yahoo accounts hacked, celebrities getting their photos stolen after falling victim to email schemes, login information for 167 million LinkedIn accounts was stolen – the list goes on and on.

Even if you follow my advice for creating secure passwords, there’s not much you can do when a site you use gets hacked – or is there? That’s where two-step (also called two-factor) authentication can help. Read more

Has Your Facebook Account Really Been Hacked?

Imitation is the Insincerest Form of Fakery.

Chances are pretty good that you’ve either seen Facebook friend requests from someone you’re already friends with or you’ve received questions from your Facebook friends asking why you’re requesting to be their friend again. Confusing and scary, huh? Has Facebook been hacked? Does someone have your password? Is your memory going? Most likely, none of these apply (well, okay, I can’t confirm that you aren’t losing your memory…). So, what’s really going on? Read more