Question regarding data shared with 2FA
Hope this makes sense. I have two accounts set up with a provider that I need to keep entirely separate, so use different usernames, passwords, IP addresses, payment details etc.However, 2FA is now compulsory, so I need to implement it on the second account. Can I use the same 2FA app (i.e. Google authenticator) for both accounts, or is some data shared with the provider that would show a link, i.e. the mac address, IP address or even the mobile phone number associated?I had considered setting up Authy for the separate account, but that now requests the mobile phone number too, before you can use it...again, leading to me wondering if the same problem applies or shared data?

Submitted January 02, 2018 at 05:51PM by ianmd
via reddit http://ift.tt/2EzTl97

New vulnerability exposed for smartphones
http://ift.tt/2Ch1j9F

Submitted January 02, 2018 at 05:22PM by silverf0x001
via reddit http://ift.tt/2DOuBc4

Data Breach Report: December 2017
http://ift.tt/2CaL4XO

Submitted January 02, 2018 at 06:05PM by Uminekoshi
via reddit http://ift.tt/2lJc1dU

Leveraging "French Kiss Attack" to boost your phishing campaign
http://ift.tt/2EABAGM

Submitted January 02, 2018 at 06:11PM by Void_Sec
via reddit http://ift.tt/2C99EIx

Fingerprinting with Zero-Width Characters
http://ift.tt/2Cm640V

Submitted January 02, 2018 at 07:47PM by speckz
via reddit http://ift.tt/2EASdCe

Security In 5: File Progress Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4
http://ift.tt/2lGz0Y5

Submitted January 02, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2A6fbOh

Attacking Read-Only Domain Controllers (RODCs) to Own Active Directory
http://ift.tt/2Er77ej

Submitted January 01, 2018 at 10:04PM by based2
via reddit http://ift.tt/2CF36lS

Stop Procrastinating and Get Things Done! From Senior Security Analyst/Malware Reverser to WebDev/SecDevOps
http://ift.tt/2A7cRGx

Submitted January 02, 2018 at 09:59PM by marcomcse
via reddit http://ift.tt/2lF2wNU

The password requirements for the Social Security Administration website are horrifying. How is this even allowed?
http://ift.tt/2lFYWTQ

Submitted January 02, 2018 at 09:31PM by jklick
via reddit http://ift.tt/2qcBqSN

Multiple vulnerabilities in the online services of (GPS) location tracking devices
http://ift.tt/2CsgagZ

Submitted January 02, 2018 at 10:53PM by cybergibbons
via reddit http://ift.tt/2EDkMiA

Tomb is a secure alternative to TrueCrypt and VeraCrypt ?
http://ift.tt/1x6YD5J

Submitted January 03, 2018 at 12:29AM by magicpupper
via reddit http://ift.tt/2lG40Hs

Understanding And Preparing For The Upcoming W2 Fraud Attacks in Q1.
http://ift.tt/2lH6CUJ

Submitted January 02, 2018 at 11:10PM by MadSecuritySquirrel
via reddit http://ift.tt/2CromPa

Leveraging "French Kiss Attack" to boost your phishing campaign
http://ift.tt/2EABAGM

Submitted January 02, 2018 at 11:03PM by Void_Sec
via reddit http://ift.tt/2A6A63K

Writeup and PoC for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
http://ift.tt/2lHkFe5

Submitted January 03, 2018 at 01:29AM by smesoraca
via reddit http://ift.tt/2Cv2ba5

Security Orchestration For Policy Management
http://ift.tt/2DSUMP4

Submitted January 03, 2018 at 02:32AM by abhishekiyer
via reddit http://ift.tt/2qdtb9k

VMSA-2018-0001: vSphere Data Protection (VDP) updates address multiple security issues.
http://ift.tt/2ECDMOb

Submitted January 03, 2018 at 01:26AM by bagaudin
via reddit http://ift.tt/2EAs6LH

I get this pop up on my phone for EVERY WEBSITE. It’s scary. I cleared cookies but it won’t go away?
http://ift.tt/2lIO9az

Submitted January 03, 2018 at 02:44AM by chriserie
via reddit http://ift.tt/2CtAEqz

Safe file formats
By safe I mean absolutely 100% safe or very close.I know that pdf is not safe due to javanoscriptI know that .docx is unsafe due to macrosI've heard that .rtf is unsafeWhat basic file formats are safe from malware? Mostly interested in text formats but tips on other basic formats are welcome.BONUS QUESTION: If I take an infected file (ex. .pdf) and convert it to a different format (ex. .docx) before opening, does that render the attack useless? I mean, from what I understand .pdf and .docx have different vulnerabilities, so a .pdf attack shouldn't transfer to .docx. What if I then convert it back to pdf?

Submitted January 03, 2018 at 03:47AM by Optymistyk
via reddit http://ift.tt/2CGNMFj

blackberrymobile.com mining monero?
The site seems to be including a coinhive.com noscript. http://ift.tt/2qSHLiI Address is 9KNyPFbDqJesaSxBLcQoJZX6PgXN1ld0. The way that it's implemented (before the first byte) makes it look like it got injected.Seems weird that something got injected into a BlackBerry site, since blackberry is supposed to be security-focussed.Is anyone else seeing this miner?

Submitted January 03, 2018 at 05:31AM by cryptocripples
via reddit http://ift.tt/2Cv3CVV

DNS Spoofing www.berkdusunur.net
http://ift.tt/2A8NyUR

Submitted January 03, 2018 at 06:29AM by berkdusunurx
via reddit http://ift.tt/2CwymXt

OS Command Injection Unauthorized Access
http://ift.tt/2CHphb9

Submitted January 03, 2018 at 06:19AM by berkdusunurx
via reddit http://ift.tt/2A8PHzB