Security Alerts & News
by Tymoteusz A. Góral

History
#1204 NIST prepares to ban SMS-based two-factor authentication
The US National Institute for Standards and Technology (NIST) has released the latest draft version of the Digital Authentication Guideline that contains language hinting at a future ban of SMS-based Two-Factor Authentication (2FA).

According to the latest DAG draft version, NIST officials are discouraging companies from using SMS-based authentication, even saying that SMS-based 2FA might be considered insecure in future versions of the guideline. The exact paragraph in the NIST DAG draft is:

“If the out of band verification is to be made using a SMS message on a public mobile telephone network, the verifier SHALL verify that the pre-registered telephone number being used is actually associated with a mobile network and not with a VoIP (or other software-based) service. It then sends the SMS message to the pre-registered telephone number. Changing the pre-registered telephone number SHALL NOT be possible without two-factor authentication at the time of the change. OOB using SMS is deprecated, and will no longer be allowed in future releases of this guidance.”
Read more
#1214 New attack that cripples HTTPS crypto works on Mac, Windows and Linux
#1213 KeySniffer vulnerability opens wireless keyboards to snooping
#1212 Unpatched smart lighting flaws pose IoT risk to businesses
#1211 Amazon Silk browser ignored SSL searches, failing to protect your privacy
#1210 Microsoft Authenticator – coming August 15th! Supports AzureAD & Microsoft acct!
#1209 In-the-wild Ransomware Protection Comparative Analysis 2016 Q3 (PDF)
#1208 Windows UAC bypass leaves systems open to malicious DLLs
#1207 O2 customer data sold on dark net
#1206 Facebook admits blocking WikiLeaks’ DNC email links, but won’t say why
#1205 New evidence suggests DNC hackers penetrated deeper than previously thought
#1204 NIST prepares to ban SMS-based two-factor authentication
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12