 |
Post AwSqwyn973vPgUfi9A by [email protected] |
 |
More posts by [email protected] |
|
Post #AwGPQJ1BrSPKCTuvjc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Coming shortly. Researchers say they've uncovered an in-the-wild phishing o… |
|
|
|
Post #AwGPQJ7ZTjVmWGu1gG by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@dangoodin Once again, a case of "OMG Door Weakness!1!!" by going thr… |
|
|
|
Post #AwSm58G7IXyPanI5Vg by [email protected] |
|
0 likes, 1 repeats |
|
|
|
The company that reported (incorrectly) finding a way to bypass FIDO2-based MFA… |
|
|
|
Post #AwSmrgs7uWroqKDweG by [email protected] |
|
0 likes, 1 repeats |
|
|
|
My story from Monday is here:https://arstechnica.com/security/2025/07/no-phishe… |
|
|
|
Post #AwSpDijJspYCstjkvo by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@dangoodin This is why we have a replication crisis in science; people keep try… |
|
|
|
Post #AwSqwyn973vPgUfi9A by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dangoodin i’ve read this „bypass“ in a paper 2+years ago. it’s social … |
|
|
|
Post #AwSqxdvkA0ADH20ejw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@cy Yes, it IS social engineering. SE is one of the techniques FIDO2 was design… |
|
|
|
Post #AwSr13kOd73ODEKaUC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dangoodin I'm a bit puzzled by the assertion that with fido, the process … |
|
|
|
Post #AwSrjfjekhyElvG3Lk by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@devcoffee Well, for one thing, the QR code shown in the writeup isn't even… |
|
|
|
Post #AwSuayHOjgDNXfaD0y by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@devcoffee @dangoodin it looks like Marcus is correct hereSince the qrcode is p… |
|
|
|
Post #AwSunF89uTztHO74lc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dangoodin @rmondello well yes I got that the QR code as presented isn't pa… |
|
|
|
Post #AwSut2X3fCE3wZWWv2 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@devcoffee @dangoodin Dan I don’t get your section about the proximity: there… |
|
|
|
Post #AwSwqyxiALZ8CU8Z3Q by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GuillaumeRossolini @devcoffee @dangoodin there is no direct relationship betwe… |
|
|
|
Post #AwSxGkLh7UewPKdlei by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@dangoodin @devcoffee @rmondello the primary phishing protection for passkeys i… |
|
|
|
Post #AwSySLBAcsUnm3oIFs by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GuillaumeRossolini @devcoffee @dangoodin a CDA QR code from the attackers devi… |
|
|
|
Post #AwSzLxxGA1hhxgpNui by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@dangoodin the main problem here is that almost every big tech corp force you t… |
|
|
|
Post #AwT0mH2XvO58dYPPm4 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@timcappalli ok then, I didn’t know that and I must have skimmed the page a l… |
|
|
|
Post #AwT4X95bbPKtS2sj2W by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GuillaumeRossolini @timcappalli @devcoffee Yes. To date there have been no cre… |
|
|
|
Post #AwT4X9BzDgRLlprozA by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@dangoodin @timcappalli @devcoffee there was one (credible, not feasible) 😈 … |
|
|
|
Post #AwT6PpmdBQ4JSKeEQy by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GuillaumeRossolini @timcappalli @devcoffee The report got picked up by media s… |
|
|
|
Post #AwTAZyNWTusKpEzfqi by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GuillaumeRossolini @timcappalli @devcoffee The attack you describe works, but … |
|
|
|
Post #AwTuGNl90AZ5dvdfo8 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@dangoodin THANKS for covering this! I was frustrated when I read about it. The… |
|
|
|
Post #AwVNSiVAnckrHJMWae by [email protected] |
|
0 likes, 1 repeats |
|
|
|
There you have it, folks. I got pushback when I asserted in a story Monday and … |
|
|
|
Post #AwVNmhHB4AkfGhLLI8 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@dangoodin Kudos to Expel. I almost never hear anyone in security admit to bein… |
|
|
|
Post #AwVPBQuR9e4hhY47V2 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@cR0w @dangoodin They were pretty good to report a vulnerability to, too. It w… |
|
|
|
Post #AwVPIcyQhKH395Mbdw by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@FritzAdalis @dangoodin That's really cool to hear. |
|
|
|
Post #AwVQLXWxUWst5ST08O by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@cR0w Strong agree. It's amazing how a little transparency can redeem you a… |
