Security Newsletter

19 November 2018

Beyond Passwords: 2FA, U2F and Google Advanced Protection

This post will be partly about 2FA in general, but also specifically about Google's Advanced Protection program because of the masses of people dependent on them for Gmail. Your email address is the skeleton key to your life (not just "online" life) so protecting that is absolutely paramount.

2FA is two-factor authentication. For some quick perspective, a password alone is 1FA in that when you authenticate merely by entering a secret, all you require is one factor - "something that you know". If someone obtains the thing that you know then it's (probably) game over and they have access to your account. Adding a second factor typically means either requiring "something that you have" or "something that you are". The former is a physical device. MFA is multi-factor authentication. Strictly speaking, 2FA is MFA in that obviously, it's more than one factor. It's a subset of MFA.

2-Step authentication does not necessarily require 2 discrete factors. Entering 2 different passwords, for example, might be 2-step but is entirely predicated on "something you know". U2F is Universal 2nd Factor and is an open authentication standard that strengthens and simplifies two-factor authentication (2FA) using specialized USB, NFC or Bluetooth devices based on similar security technology found in smart cards.

 

One in five Magecart-infected sites get reinfected within days

Online stores that have been infected with the Magecart malware --known to record and steal credit card details from checkout forms-- often get reinfected after clean-up operations, a recent report has revealed.

Researchers have tracked Magecart-like infections on more than 40,000 domains since 2015. The researcher says that during August, September, and October, his scanner detected Magecart-like card skimming malware on over 5,400 domains. 21.3 percent of the cleaned shops got reinfected. A large number of reinfections occurred within the first day, or after a week, but on average, the reinfection time was 10.5 days.

"This shows that countermeasures taken by merchants and their contracted security firms often fail. There are multiple reasons for this," the researcher said. The expert listed: 1/ Magecart operatives often litter a hacked store with backdoors and rogue admin accounts. 2/ Magecart operatives use reinfection mechanisms such as database triggers and hidden periodic tasks to reinstate their payload. 3/ Magecart operatives use obfuscation techniques to make their presence indistinguishable from legitimate code. 4/ Magecart operatives utilize unpublished security exploits (aka 0days) to hack sites, exploits for which there are no patches. "All in all, it takes some very keen eyes and a lot of effort to clean all traces of a breach," he said.

 

More #News

 

#Patch Time!

 

#Tech and #Tools

This content was created by Kindred Group Security. Please share if you enjoyed!

Kindred Group in brief

Kindred is one of the largest online gambling companies in the world with over 24 million customers across 100 markets. We offer pre-game and live Sports betting, Poker, Casino and Games through 11 brands across our markets. We are committed to offer our customers the best deal and user experience possible, while ensuring a safe and fair gambling environment. Kindred is a pioneer in the online gambling industry and as an innovation driven company that builds on trust.