Yes, MFA isn’t perfect. But that’s not a reason for your company not to use it

Multi-factor authentication is one of the simplest steps you can take to harden your security. It would be an enormous mistake to think it is worthless just because it’s not a perfect solution.

Read more in my article on the Bitdefender Business Insights blog.


Don’t have your account hijacked. Secure your online accounts with more than a password, says Google

Research published at the end of last week argues that the typical user can significantly harden the security of their online accounts by linking a recovery phone number that can send an alert if there is suspicious activity on the account.

Read more in my article on the Hot for Security blog.

Got a Nest security camera? Enable two-step verification now

Two-step verification (2SV) combined with a unique password makes it harder for a hacker to see what you’re doing in your home.

Instagram finally supports third-party authentication apps for greater account security

Instagram has entered the 21st century, and finally added support for third-party 2FA apps like Google Authenticator, Duo Mobile, and Authy.

Please turn it on.

Smashing Security #088: PayPal’s Venmo app even makes your drug purchases public

Not one of Google’s 85,000 employees has had their accounts compromised by phishing in a year.  How have they done it? Find out in this podcast.

Also, we discuss with special guest Scott Helme how websites still using HTTP are now marked as “not secure” by Google Chrome, and if you’re buying drugs via PayPal’s Venmo app you should say goodbye to privacy.

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by computer security veterans Graham Cluley and Carole Theriault.

Yes, you should change your Twitter password – but don’t panic

Yes, you should change your Twitter password. And you should ensure you’re not using the same password anywhere else. And you should enable Login Verification.

But you shouldn’t panic.

‘Phish for the Future’ spearphishing campaign set digital civil liberty activists in its sights

One attack masqueraded as a YouTube comment to a legitimate video uploaded by the targe. Another posed as the target’s husband under the pretense of sharing family photos.

David Bisson reports.

Selena Gomez – please tell your 125 million fans to enable two-step verification

Hackers seized control of the American singer and actress’s Instagram account and posted revealing snaps of her ex-boyfriend Justin Bieber.

Lessons to learn as McAfee’s LinkedIn page is hijacked

For any corporate brand to have its social media account hijacked by mischief makers is embarrassing, but for it to happen to a major computer security company is downright humiliating.

How to better protect your Instagram account using two-step verification (2SV)

David Bisson walks you through the steps needed to enable two-step verification on your Instagram account.

How to better protect your WhatsApp account with two-step verification (2SV)

If you’re a WhatsApp user you should enable its new 2-step verification security feature.

David Bisson explains why and how.

Twitter hack sees New York Times warn of Russian missile strike against USA

Vladimir Putin is planning a missile strike on the United States?

Hold your horses, it’s the latest example of a newspaper having one of its Twitter accounts hacked.

Beware! This Android banking trojan intercepts SMS messages and bypasses 2SV

A type of Android banking trojan capable of intercepting SMS messages is currently targeting at least 50 major banking organizations worldwide.

David Bisson reports.

Apple’s lack of 2SV for Find My Phone nearly costs student his digital life

A computer science graduate student who almost had his iPhone and Mac wiped by online criminals feels that Apple should do more to protect accounts.

David Bisson reports.