Attackers can bypass TikTok multi-factor authentication through the site

Journalists of the ZDNet publication, citing one of their readers, report that the web version of TikTok did not receive multi-factor authentication (via mail and SMS), which developers established for all users of the platform in August. Thus, an attacker who somehow learned someone else’s credentials (for example, through a phishing attack or brute force)… Continue reading Attackers can bypass TikTok multi-factor authentication through the site

GitHub warned users about phishing attack

Representatives of the GitHub web service warned users of a massive phishing attack called Sawfish. Recently, users more and more often receive phishing emails with fake warnings about suspicious activity of a recorded account or strange changes made to the repository or settings. “The links attached to such messages lead to a fake GitHub login… Continue reading GitHub warned users about phishing attack