A researcher found that some AWS authentication cookies remain valid for up to 12 hours even after a user has changed the password and logged out.
New Google research on account takeovers found that basic account hygiene can defeat the vast majority of attacks.
A weakness in the Bluetooth pairing protocol in some Titan keys can leave them open to hijacking.
Mobile payments are very popular in African companies and SIM card fraud is a massive problem. At the Kaspersky Security Analyst Summit, CERT Mozambique discussed how the banks and mobile operators worked together to ensure thieves didn't loot customer accounts just by stealing phone number.
Yubico is bringing hardware-based 2FA to mobile devices with two new security keys, including one that has NFC support.