Krebs on Security

How 1-Time Passcodes Became a Corporate Liability

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer ...
American Hospital Association

H-ISAC TLP White Threat Bulletin: Emerging SMS/Voice OTP Toll Fraud via Account Sign-up and Patient Portal Flows

Health-ISAC is tracking an emerging fraud pattern where threat actors exploit SMS and voice One-Time Password (OTP) mechanisms used in account sign-up, patient portal enrollment, telehealth ...
Bleeping Computer

Okta one-time MFA passcodes exposed in Twilio cyberattack

The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS from customers of Okta identity and access management company. Okta provides its ...
Hosted on MSN

Death to one-time text codes: Passkeys are the new hotness in MFA

Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to ...
Forbes

Under The Microscope: The Risks Of One-Time Passwords' Vulnerabilities

Mike Wilson is the Founder & CTO of Enzoic, a cybersecurity company that helps prevent account takeover of employee and customer accounts. Threat actors continue to target passwords, with the 2024 ...
Krebs on Security

Owners of 1-Time Passcode Theft Service Plead Guilty

Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes ...