Sign up to save your podcasts
Or
Share Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass
The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors. Not only that, a new vulnerability in the popular open-source password management software KeePass has also been reported.
Three health tracking apps available on Google Play (Lucky Step, WalkingJoy, Lucky Habit: health tracker) have been downloaded on over 20 million devices, but a recent report shows that the rewards for using the apps are impossible or only partially available after watching tons of ads.
A bug in Meta’s Accounts Center feature allowed hackers to bypass two-factor authentication (2FA) by brute force guessing a six-digit authentication code.
** Links mentioned on the show *
Convincing, Malicious Google Ads Look to Lift Password Manager Logins
https://www.darkreading.com/threat-intelligence/convincing-malicious-google-ads-password-managers
KeePass disputes vulnerability allowing stealthy password theft
https://www.bleepingcomputer.com/news/security/keepass-disputes-vulnerability-allowing-stealthy-password-theft/
Shady reward apps on Google Play amass 20 million downloads
https://www.bleepingcomputer.com/news/security/shady-reward-apps-on-google-play-amass-20-million-downloads/
Meta’s Account Center came with a 2FA-defeating bug
https://www.theverge.com/2023/1/30/23578033/meta-account-center-bug-2-factor-authentication-sms-email
** Watch this episode on YouTube **
https://youtu.be/g_7UNWmCYgg
** Thank you to our sponsors! **
SLNT
Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Subscribe and follow the show **
Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/
Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast
Watch and Subscribe on Odysee (YouTube alternative)
https://odysee.com/@SharedSecurity:c
Follow us on Mastodon: https://infosec.exchange/@sharedsecurity
Follow us on Twitter: https://twitter.com/sharedsec
Website: https://sharedsecurity.net
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Leave us a rating and review: https://ratethispodcast.com/sharedsecurity
Contact us: https://sharedsecurity.net/contact
The post Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass appeared first on Shared Security Podcast.
View all episodes
By Tom Eston, Scott Wright, Kevin Tackett
4.5
2828 ratings
The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors. Not only that, a new vulnerability in the popular open-source password management software KeePass has also been reported.
Three health tracking apps available on Google Play (Lucky Step, WalkingJoy, Lucky Habit: health tracker) have been downloaded on over 20 million devices, but a recent report shows that the rewards for using the apps are impossible or only partially available after watching tons of ads.
A bug in Meta’s Accounts Center feature allowed hackers to bypass two-factor authentication (2FA) by brute force guessing a six-digit authentication code.
** Links mentioned on the show *
Convincing, Malicious Google Ads Look to Lift Password Manager Logins
https://www.darkreading.com/threat-intelligence/convincing-malicious-google-ads-password-managers
KeePass disputes vulnerability allowing stealthy password theft
https://www.bleepingcomputer.com/news/security/keepass-disputes-vulnerability-allowing-stealthy-password-theft/
Shady reward apps on Google Play amass 20 million downloads
https://www.bleepingcomputer.com/news/security/shady-reward-apps-on-google-play-amass-20-million-downloads/
Meta’s Account Center came with a 2FA-defeating bug
https://www.theverge.com/2023/1/30/23578033/meta-account-center-bug-2-factor-authentication-sms-email
** Watch this episode on YouTube **
https://youtu.be/g_7UNWmCYgg
** Thank you to our sponsors! **
SLNT
Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Subscribe and follow the show **
Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/
Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast
Watch and Subscribe on Odysee (YouTube alternative)
https://odysee.com/@SharedSecurity:c
Follow us on Mastodon: https://infosec.exchange/@sharedsecurity
Follow us on Twitter: https://twitter.com/sharedsec
Website: https://sharedsecurity.net
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Leave us a rating and review: https://ratethispodcast.com/sharedsecurity
Contact us: https://sharedsecurity.net/contact
The post Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass appeared first on Shared Security Podcast.
More shows like Shared Security Podcast
View all
Hacked
187 Listeners
Security Now (Audio)
2,008 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,021 Listeners
Smashing Security
319 Listeners
Click Here
416 Listeners
Darknet Diaries
8,062 Listeners
Cybersecurity Today
179 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
139 Listeners
The 404 Media Podcast
391 Listeners