ate on Friday, Twitter announced a new policy that will remove text message two-factor authentication (2FA) from any account that won’t pay for it.
In a blog post, Twitter said that it will only allow accounts that subscribe to its premium Twitter Blue feature to use text message-based 2FA. Twitter users that don’t switch to a different type of two-factor authentication will have the feature removed from their accounts by March 20.
That means that anyone who relies on Twitter sending a text message code to their phone to log in will have their 2FA switched off, allowing anyone to access their accounts with just a password. If you have an easily guessable Twitter password or use that same password on another site or service, you should take action sooner rather than later.
LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems. The breach was first confirmed by LastPass on November 30. At the time, LastPass chief executive Karim Toubba said an “unauthorized party” had gained access to some customers’ information stored in a third-party cloud service shared […]
A New York-based spyware maker has agreed to notify the individuals whose phones were compromised by its mobile surveillance software, following a deal with the New York attorney general’s office announced Thursday. Under the agreement, Patrick Hinchy, whose 16 companies promoted apps like PhoneSpector and Highster, will also pay $410,000 in civil penalties for illegally […]
Every developer knows that it’s a bad idea to hardcode security credentials into source code. Yet it happens and when it does, the consequences can be dire. Until now, GitHub only made its secret scanning service available to paying enterprise users who paid for GitHub Advanced Security, but starting today, the Microsoft-owned company is making […]
Leave a Reply