Vitalik Buterin reveals X account hack was caused by SIM-swap attack - The Ethereum co-founder has regained control of his T-Mobile acco... - https://cointelegraph.com/news/vitalik-buterin-reveals-x-account-hack-was-caused-by-sim-swap-attack #vitalikbuterin #twitter #simswap #hack #scam #x

#mastoaiuto ad un conoscente arriva un messaggio che sua zia 70enne è su #Telegram. La zia usa il cell. solo per chiamate e #whatsapp. Il nipote controlla e sul cellulare effettivamente c'è telegram ma con un nick ed una foto di un altra persona (russa probabilmente). Riavvia il telefono e telegram scompare. Provando a reinstallare telegram l'sms di conferma non arriva. Secondo voi è probabile un #simswap? Il cellulare riceve e invia telefonate normalmente.

@Efani Now for my least favorite part of making new accounts. Grabbing ALL of my @yubico #yubikeys to add my TOTP of FIDO/WebAuthn for my 2FA for security. Well at least I have plenty of backups. Ones with stickers are for work
#yubikey #cybersecurity #infosec #yubicoambassador #privacy #SIMswap #cellphone

Just fixed my @Efani dashboard issues, support was great. So now that I have access to my dashboard some notes for #Efani

TOTP Code generation shouldn't just be QR, you should also allow the string of text to be manually input. I had to use zbarimg to convert the QR code to text to input into my @yubico security key and vault for TOTP generation.
You should also add FIDO/WebAuthn support. TOTP has a single seed, so if stolen they have access. #infosec #Cybersecurity #SIMSwap #cellphone

Been using my #influencer status to pull companies to the #fediverse. Managed to get @Efani to see the advantages for the #InfoSec and #cybersecurity community. They are a great cell company I actually sought out to prevent my own SIM swap attacks. With Mastodon being more private it makes sense for them to be here

If you do switch to them let them know I sent you or use the link in my bio. You know my rules I will only promote things I actually will use.

#android #ios #cellphone #simswap

Over $765K worth of NFTs stolen after SIM swap attack on GutterCatGang - The bad actors utilized a fake GutterCatGang airdrop scam to drai... - https://cointelegraph.com/news/over-765k-worth-of-nfts-stolen-after-sim-swap-attack-on-guttercatgang #simswapattackcrypto #simswapattack #guttercatgang #simswap #nfthack #zachxbt

This is a scary story. #scam #simswap #chase #verizon
Hacker stole my phone, credit card, identity. I set out to find them. - Business Insider https://apple.news/AubZ5nw8rSWOmgnNDwb0F-w

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

---

https://krebsonsecurity.com/2023/02/hackers-claim-they-breached-t-mobile-more-than-100-times-in-2022/

#TMobile #DataBreach #SimSwap #Hack #MFA

Vocês sabem por que o #SMS não é recomendado para autenticação por dois fatores (#2FA)?

1️⃣ É conveniente? É. Mas experimente sair do país e tente solicitar um código por SMS.

2️⃣ É um sistema legado e cheio de falhas, permitindo em última instância a interceptação de mensagens.

3️⃣ Porém ninguém vai empenhar tantos recursos para capturar nossos SMS quando podem fazer #SIMSwap, uma técnica bem mais popular entre os bandidos. É a famosa clonagem de linha. Uma vez com seu número transferido para outro chip, eles podem receber seus SMS à vontade.

Por isso sempre que possível ativem 2FA usando #TOTP (códigos que expiram em 30 segundos) ou security keys (como a Yubico ou Google Titan).

Para gerar os códigos TOTP você pode usar gerenciadores de senha como #KeePass e #Bitwarden ou aplicativos como o #FreeOTP ou #Aegis.

Você pode até usar o terminal do Linux para gerar seus códigos usando o #pass ou esse tutorial <https://is.gd/mJOvG3>.

Sempre salve os seeds em local seguro. Seeds são aqueles códigos alfanuméricos gerados na hora de ativar o 2FA numa conta. Salve também os códigos de backup.

E para chaves de segurança, como a Yubico, o ideal é se possível comprar uma para usar e outra para deixar de backup. Mas como o preço é alto para nós brasileiros...

Twitter tells users: Pay up if you want to keep using insecure 2FA - Ironically, Twitter Blue users will be allowed to keep using the very 2FA process that's ... https://nakedsecurity.sophos.com/2023/02/20/twitter-tells-users-pay-up-if-you-want-to-keep-using-insecure-2fa/ #2-factorauthentication #twitter #simswap #2fa #sim

Amir Hossein Golshan allegedly broke into influencers' Instagram accounts not just for financial gain, but to sextort the victims too.
https://www.vice.com/en/article/4axjbm/sim-swapper-amir-golshan-instagram-influencers-dates-strip
#CYBER #SIMSwapping #Hacking #extortion #Sextortion #SIMSwap #simjackers #Instagram

Intel 471 looked at some of the dynamics around eSIMs and SIM swapping.
#InfoSec #CyberCrime #SimSwap #NumberHijack

https://intel471.com/blog/a-look-at-esims-and-number-hijacking

https://www.thehindu.com/news/cities/Delhi/sim-swap-fraud-man-gets-missed-calls-loses-50-lakh/article66259998.ece

Sim swapped with just missed calls 🤕

#India #simswap #scam

The #SIMSwap Scam: What It Is & How to Protect Yourself

https://primus.ca/index.php/ont_en/content-hub/cat/articles/post/the-sim-swapping-scam-what-it-is-how-to-protect-yourself

SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m - Guilty party got 18 months, also has to pay back $20m he probably hasn't got, which could... https://nakedsecurity.sophos.com/2022/12/06/sim-swapper-sent-to-prison-for-2fa-cryptocurrency-heist-of-over-20m/ #cryptocurrency #cybercrime #law&order #password #simswap #2fa

The #SIMSwap service with 5 star reviews. Great piece by Commsrisk:
https://commsrisk.com/the-sim-swap-fraud-service-with-5-star-reviews/

📱Portabilità SIM: #AGCOM cambia le regole per contrastare le truffe

Ne parliamo in #Nerd & #Tech Daily.
#NerdAndTechDaily #news #telefonia #mobile #simswap

https://youtu.be/r92yZMuIrjM

SMS delivery to any new SIM starts only after 24 hours. #India #2FA #SIMSwap
---
RT @squeal
@firasd @svaradarajan SIM swapping is not possible in India the same way it is in the US due to regulations issued by the Telecom Regulatory Authority of India, so no, it is highly unlikely. https://dot.gov.in/sites/default/files/Sim%20Upgradation%2007.08.2018.PDF?download=1
https://twitter.com/squeal/status/1581594776323133443

Twilio Lookup – Une API pour valider un numéro de téléphone et réduire la fraude https://korben.info/twilio-lookup-sim-swap.html #Développement #simswap #twilio

“PlugWalkJoe” indicted for $784,000 SIM-swap cryptocurrency theft https://www.tripwire.com/state-of-security/government/plugwalkjoe-indicted-for-784k-sim-swap-cryptocurrency-theft/ #Hackedcelebrities #Securitythreats #cryptocurrency #Guestblog #Twitter #simswap