Google to Start Urging SMS Two-Step Verification Users to Shift to Prompts

Google to Start Urging SMS Two-Step Verification Users to Shift to Prompts

There have been plenty of cyber-attacks in the recent past that would make anyone feel the need to add some additional security measures to protect their digital information. Two-step verification (2-SV) aka two-factor authentication is one of these measures being used by tech giants like Google, Microsoft and Apple over the past few years. Google, in particular, tried to make the whole two-step authentication process simpler last year by introducing ‘prompt’, which does not require users to input an SMS code. But there are some users who still prefer the old SMS route, and for them, Google has a plan to shift them to Prompts.

Starting next week, SMS 2-step verification users will see an invitation to try out Google prompts when the try to sign into, say Gmail, so that they are informed about the new alternative. Essentially, Google prompts simplifies the two-step verification process by removing the need to enter an OTP sent as SMS every time a user is trying to sign into a device. The prompt verification, instead, simply brings a pop-up on a user’s phone with a message “Are you trying to sign-in?” Followed by the device and location from where the sign in is taking place. The approval prompt gives a simple “Yes” or “No, It’s Not Me” option, which a lot simpler than having to input a code.

Google says that one of the reasons behind pushing users to shift SMS two-step verification users to prompt is due to security concerns as text messages and one-time codes are more susceptible to phishing attempts by attackers. “By relying on account authentication instead of SMS, administrators can be sure that their mobile policies will be enforced on the device and authentication is happening through an encrypted connection,” Google says.

The tech giant also updated prompt in February to show more information such as the name and location of the device attempting to sign into your account. For those still using SMS codes, expect to see the prompts preview starting next week. The prompt feature is available to Android as well as iOS users, although iOS users will need the Google search app installed to use prompts.

[“source-gadgets.ndtv”]

Attackers start wiping data from CouchDB and Hadoop databases

Data-wiping attacks have hit exposed Hadoop and CouchDB databases.

It was only a matter of time until ransomware groups that wiped data from thousands of MongoDB databases and Elasticsearch clusters started targeting other data storage technologies. Researchers are now observing similar destructive attacks hitting openly accessible Hadoop and CouchDB deployments.

Security researchers Victor Gevers and Niall Merrigan, who monitored the MongoDB and Elasticsearch attacks so far, have also started keeping track of the new Hadoop and CouchDB victims. The two have put together spreadsheets on Google Docs where they document the different attack signatures and messages left behind after data gets wiped from databases.

In the case of Hadoop, a framework used for distributed storage and processing of large data sets, the attacks observed so far can be described as vandalism.

That’s because the attackers don’t ask for payments to be made in exchange for returning the deleted data. Instead, their message instructs the Hadoop administrators to secure their deployments in the future.

According to Merrigan’s latest count, 126 Hadoop instances have been wiped so far. The number of victims is likely to increase because there are thousands of Hadoop deployments accessible from the internet — although it’s hard to say how many are vulnerable.

The attacks against MongoDB and Elasticsearch followed a similar pattern. The number of MongoDB victims jumped from hundreds to thousands in a matter of hours and to tens of thousands within a week. The latest count puts the number of wiped MongoDB databases at more than 34,000 and that of deleted Elasticsearch clusters at more than 4,600.

A group called Kraken0, responsible for most of the ransomware attacks against databases, is trying to sell its attack toolkit and a list of vulnerable MongoDB and Elasticsearch installations for the equivalent of US$500 in bitcoins.

The number of wiped CouchDB databases is also growing rapidly, reaching more than 400 so far. CouchDB is a NoSQL-style database platform similar to MongoDB.

Unlike the Hadoop vandalism, the CouchDB attacks are accompanied by ransom messages, with attackers asking for 0.1 bitcoins (around $100) to return the data. Victims are advised against paying because, in many of the MongoDB attacks, there was no evidence that attackers had actually copied the data before deleting it.

Researchers from Fidelis Cybersecurity have also observed the Hadoop attacks and have published a blog post with more details and recommendations on securing such deployments.

The destructive attacks against online database storage systems are not likely to stop soon because there are other technologies that have not yet been targeted and that might be similarly misconfigured and left unprotected on the internet by users.

 

 

[Source:- JW]

What’s on your Start Screen, Zac Bowden?

Image result for What's on your Start Screen, Zac Bowden?

It’s been a little while since we last did a “What’s on your Start Screen?”, and that’s because so much has been changing within the world of Windows phone over the last couple of years. With the introduction of Windows 10 Mobile, the redesign of several Windows phone apps, and the slow transition from several different versions of Windows to one single Windows that works across every device, we just haven’t found the time!

A lot of Windows Phone users have since left the platform since our last Start Screen article, and that’s unfortunate. However, there’s still a few of us left using Windows phones as our daily drivers, and I thought it’d be a good idea to share some of the apps I’m using on the lead up to 2017.

I don’t have many apps pinned, and that’s simply because I don’t like scrolling on my Start Screen. I’m a huge user of live tiles, and I think live tiles should be on screen at all times so I can see what information they have to offer. Still, I try to make good use of my screen real estate.

My Apps

  • Messaging: I’m super big on SMS. I know that’s kind of odd leading into 2017, but I much prefer it over any form of instant messenger such as WhatsApp or Skype. If I can, I’ll always opt to send an SMS if trying to contact someone. Everybody has SMS.
  • Phone: The standard built-in Phone app. I don’t make calls all that often, but I feel like I need to have this app pinned on my Start Screen just in case I am in a situation in which I do need to make a call.
  • Outlook Calendar: I like being able to see the date and upcoming appointments on my Start Screen, and the Calendar app does just that. Rarely do I open the Calendar app, this is definitely one of those situations in which the live tile does everything I need it to do.
  • Microsoft Edge: Edge is the best way to browse the web on a Windows 10 Mobile device, so I’m constantly using it to view websites, read news, watch videos and more. It syncs favorites across Windows 10 devices, and is lightweight and easy to use.
  • Windows Store: The Windows Store is home to all purchasable Content in the Windows ecosystem. Whether it be apps, games, music or movies/TV, I’m always in the Store looking for something new to spend my money on. I often find a movie, or a game that catches my interest.
  • Twitter: When it comes to Twitter, I opt for the official Twitter app from Twitter themselves. Yes, I know there are far better Twitter clients out there built by third parties, but I like the simplicity of the official app. It’s universal and works across PC and Phone, and what’s more, even though there are a plethora of bugs and missing features, it gets the job done.
  • Cortana: I don’t actually use Cortana all that much, but I have it pinned just in case I want to mess with a setting or two with syncing notifications and whatnot. I like the news ticker that pops up on the live tile, and will sometimes open it up to check on reminders and adjust things.
  • Outlook Mail: The built-in Mail app is my choice of email client on Windows 10 Mobile. It does everything I need, from a reliable live tile all the way down to the simplicity of the app. I can add my Outlook, Google, Yahoo and other email accounts with ease, and configure notification popups from specific accounts if needed.
  • GroupMe: GroupMe is one of the best group messaging apps available on Windows 10 Mobile, and I use it frequently with some of the Windows Central team. It’s great for team collaboration, goofing around, and just sharing things for later.
  • WhatsApp Beta: Although I’m big on SMS, I do have a need for WhatsApp too. A lot of my personal friends would rather be contacted through WhatsApp, so that’s what I use when contacting them. The WhatsApp Beta app, although still a Windows Phone 8.1 app, is coming along quite nicely being updated constantly with new features and changes.
  • Slack: Slack is the main communication platform we use here at Mobile Nations. It’s how I message the team, and how the team message me. It’s still in beta, but the app is feature-filled enough to be usable as one of my “must-have” apps on my phone.
  • Groove Music: Groove is the best music streaming service available on Windows 10 Mobile. Sure, there’s Pandora and Spotify, but those apps aren’t all that great compared to Groove, which is arguable the best app available on Windows 10 right now. I’m a subscriber to Groove music, and most of the music I’d want to listen to is ready to stream from the service.
  • Windows Central: Of course, how could I not have this one pinned to my Start Screen? I love the Windows Central app, it’s easy to use and is always updated with the latest articles direct from our feed. The live tile is super customizable too!
  • Weather: I live in the United Kingdom, so I need to know whether the weather outside is grey and raining. It usually is, but sometimes that live tile shows a bit of sunshine, and that makes me smile.
  • Instagram: Not a huge user of Instagram, I generally only use it when procrastinating. Maybe one day I’ll be Instagram-famous.
  • Trello Central: We use Trello for article planning and scheduling here at Mobile Nations, so it makes sense for me to have an app on my phone that allows me to jump in there and check on things. It’s not super feature-filled, being a 3rd-party app, but it gets the job done.
  • Uber: As a kid, I always wanted own my own car so I could drive wherever I needed, whenever I needed to. In 2016 however, all I need is Uber. Who needs to drive these days when you can get someone else to drive for you?!

 

[Source:- Windowscentral]

Latest Windows 10 Redstone builds finally start seeing UI improvements

Internal Windows 10 Redstone builds are finally starting to see a number of new user-interface improvements and changes across the operating system for both desktop and phone, after months of working on nothing but under-the-hood stuff. Insiders will be glad to hear that upcoming Insider builds have improved animations when resizing live tiles as well as improvements to the lock screen and login UI.

Microsoft recently began flighting its first UI changes in internal builds this past week, with live tiles that now fade in and out when resizing as well as improvements to how the lock screen and login UI transition between each other. It is expected that these changes will be available in the next Insider drop, which could drop this week or next week.

TileAnimationGif Latest Windows 10 Redstone builds finally start seeing UI improvements

Although not much, these are the first real user-interface changes present in Redstone, and should help make the user-experience more streamlined when doing simple things. Right now, resizing live tiles on the Start Screen is a somewhat clunky experience, so adding an additional animation that helps make the experience seem smoother will be a nice touch.

What other user-interface changes are you hoping to see in Redstone?

 

[Source:- Winbeta]