Sign up to save your podcasts
Or
Share EP40 2021: Phishing is Solved?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
EP40 2021: Phishing is Solved?
Guests
- Elie Bursztein, security, anti-abuse and privacy researcher @ Google
- Kurt Thomas, security, anti-abuse and privacy researcher @ Google
Topics:
- Can we say that “Multi-Factor Authentication - if done well - fixes phishing for good” or is this too much to say?
- What are the realistic and seen-in-the-wild bypasses for MFA as a protection?
- How do you think these controls fare vs top tier attackers (clearly, they work vs commodity threats)?
- What do we know about burden vs value of MFA today?
- What can we realistically do to increase MFA/2FA adoption to the 90%s?
- Can we share anything about what we’re seeing as industry benchmarks on MFA adoption so far?
- We’ve seen a lot of ugly debates over the value of SMS as MFA, what is your research-based take on this?
Resources:
- Google Titan Security Key
- “Malicious Documents Emerging Trends: A Gmail Perspective” (RSA 2020)
- “New research: How effective is basic account hygiene at preventing hijacking”
- “New Research: Lessons from Password Checkup in action”
- “New research reveals who’s targeted by email attacks”
- “New research: Understanding the root cause of account takeover”
- “"Why wouldn't someone think of democracy as a target?": Security practices & challenges of people involved with U.S. political campaigns”
- "Tales from the Trenches: Using AI for Gmail Security" (ep28)
View all episodes
By Anton Chuvakin
4.8
3838 ratings
Guests
- Elie Bursztein, security, anti-abuse and privacy researcher @ Google
- Kurt Thomas, security, anti-abuse and privacy researcher @ Google
Topics:
- Can we say that “Multi-Factor Authentication - if done well - fixes phishing for good” or is this too much to say?
- What are the realistic and seen-in-the-wild bypasses for MFA as a protection?
- How do you think these controls fare vs top tier attackers (clearly, they work vs commodity threats)?
- What do we know about burden vs value of MFA today?
- What can we realistically do to increase MFA/2FA adoption to the 90%s?
- Can we share anything about what we’re seeing as industry benchmarks on MFA adoption so far?
- We’ve seen a lot of ugly debates over the value of SMS as MFA, what is your research-based take on this?
Resources:
- Google Titan Security Key
- “Malicious Documents Emerging Trends: A Gmail Perspective” (RSA 2020)
- “New research: How effective is basic account hygiene at preventing hijacking”
- “New Research: Lessons from Password Checkup in action”
- “New research reveals who’s targeted by email attacks”
- “New research: Understanding the root cause of account takeover”
- “"Why wouldn't someone think of democracy as a target?": Security practices & challenges of people involved with U.S. political campaigns”
- "Tales from the Trenches: Using AI for Gmail Security" (ep28)
More shows like Cloud Security Podcast by Google
View all
Risky Business
362 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
633 Listeners
The Cloudcast
154 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
CyberWire Daily
1,013 Listeners
AWS Podcast
200 Listeners
Smashing Security
314 Listeners
Click Here
389 Listeners
Cybersecurity Today
162 Listeners
Kubernetes Podcast from Google
181 Listeners
CISO Series Podcast
189 Listeners
Hacking Humans
312 Listeners
Defense in Depth
76 Listeners
Cyber Security Headlines
120 Listeners
Risky Bulletin
33 Listeners