Profile picture
Brian in Pittsburgh
@arekfurt
, 3 tweets, 1 min read Read on Twitter
Important security research from Google on the effectiveness of various kinds of 2FA that got a bit buried this crazy week. Among key findings, SMS 2FA was still 76% effective against highly "targeted" phishing attacks and 99% good vs. "bulk" phishing.
security.googleblog.com/2019/05/new-re…
Other interesting findings:
-Google's app-based 2FA (using its verification prompts) was 90% effective against targeted phishing and 99% effective against bulk phishing
-Both forms of 2FA were 100% effective against "automated bot" credential stuffing & spraying attacks
-So too actually was just presenting some kinds of "knowledge-based challenges" like asking the user to verify phone number or last sign-in location. But those ranged from much less effective to ineffective vs. phishing attacks.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Brian in Pittsburgh
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related threads

Profile picture
Alex Stamos
@alexstamos
I wish that John and the other folks behind the great security uplift at Microsoft circa 2002-2016 would write a book.

What Microsoft had to do in that period has resonance for all kinds of problems we need to fix in tech.
Some of the basic issues:
1) Defining measurable goals in an adversarial environment
2) Building architectures resistant to unforeseen attacks
3) Working with (some would say co-opting) your biggest critics
4) Pushing responsibility to all developers
5) Uplifting industry
6) Talking honestly about your security protections and setting reasonable expectations
7) Building credibility with regulators and lawmakers, helping forestall counterproductive regulation.
Read 5 tweets
Profile picture
Chxta
@Chxta
The timing of Nnamdi Kanu's reappearance from the land of the dead, and his call for an election boycott, is decidedly convenient.

So we have to ask, is he partnering the Buhari FG? bit.ly/2MPYApI
On 12 October, 2018, Atiku Abubakar, picked Peter Obi, to be his running mate in the 2019 general elections.

Exactly a week after Peter Obi was picked, the infamous separatist, Nnamdi Kanu, resurfaced, having been missing for over a year up to that point.
Not long after, Kanu returned to his mic, to resume what made him infamous in the first place - spilling a lot of bile.

His most recent exercise was to schedule a "referendum on Biafra" same day as the Presidential Elections, and that, is where the cat waltzed out of the bag.
Read 15 tweets
Profile picture
Orin Kerr
@OrinKerr
Major Wiretap Act decision: CA1 rules that the contemporaneous requirement for interception is not met by being "functionally" contemporaneous --- taking lots of screenshots of another's computer screen can't violate Wiretap Act. Some thoughts. /1 media.ca1.uscourts.gov/pdf.opinions/1…
In the case, an employer set up surveillance on an employee's work computer when they suspected misconduct. The surveillance program, , the screen-capture software System Surveillance Pro (SSP), took a screenshot of the computer when certain keywords typed on it. /2
SSP caught the employee viewing child porn at work. Employee was fired and prosecuted, and now brought a civil suit alleging among other things a wiretap act violation for covertly installing the monitoring software. CA1 holds screenshots based on keywords not an intercept. /3
Read 11 tweets
Profile picture
Elijah J. Magnier
@ejmalrai
#Important:
Yesterday late afternoon #Russia/n forces took 3 positions in Qusseyr and Juseh and established checkpoints. #Hezbollah, not informed of the Russian presence, came close to these forces and asked their immediate pull out+
Following the direct intervention of President Bashar al-Assad, the Russian force pulled out this morning and avoided any clash with #Hezbollah in the area.

hezbollah maantin and kept all positions. The #Russia/n move was not coordinated.+

#Hezbollah did not...I repeat, did not pull out one single element from the area.

I spoke to people on the ground: The Russian decision was unclear and considered unwelcome by the forces on the ground. Still, many elements of this move are unclear.

Read 6 tweets
Profile picture
OnWithLogic
@OnWithLogic
1) "CLEAN GMAIL"

My theory about why #PeterStrzok sent #LisaPage this text message.

It connects a #Qanon post to Google & plot to frame @POTUS for collision, and may provide insight into how #NSA has the info.

#QAnon #WWG1WGA @POTUS #GreatAwakenening #redpill #ReleaseTheTexts
2) Yesterday's #Q post exposes the use of the #Gmail draft communication trick, whereby you share an account with other(s) and instead of sending email, you save it as a draft for the other person(s) to read.

#QAnon #WWG1WGA @POTUS #GreatAwakenening #redpill #ReleaseTheTexts
3) This was made famous by former #CIA director General Patreaus & mistress. Which was a head scratcher. Why would #PeterStrzok & #LisaPage (+others) use same technique Patreaus was busted using?

#QAnon #WWG1WGA @POTUS #GreatAwakenening #ReleaseTheTexts

washingtonpost.com/news/worldview…
Read 14 tweets
Profile picture
REDPilledCrasH
@Michaelcraddo16
1 NEW Q on Monday🇺🇸
#Grassley/#PlannedParenthood 💥
Apr 23 2018 21:56:53 (EST) Q !xowAT4Z3VQ ID: ac300a 1164847 NEW
grassley.senate.gov/news/news-rele…

foxnews.com/politics/2017/…
Coming soon.
Q

#MAGA #QAnon #QanonPosts #Qanon4chan #WeHaveEverything #TrustThePlan #Qanon8chan #GreatAwakening
2 NEW Q on Monday🇺🇸
#Grassley/#PlannedParenthood #RedCross💥

Future Proves Past 🧐
Where Does All The Money Go??🤔
500 million=6 houses??🙄

#MAGA #QAnon #QanonPosts #Qanon4chan #WeHaveEverything #TrustThePlan #Qanon8chan #GreatAwakening #Haiti
3 NEW Q Early Tuesday🇺🇸
Hey @NBCNews @CBSNews @abcnews 🤡what gives???

#MSM refuses to report, anyone surprised??🙄 #Soon

#MAGA #QAnon #QanonPosts #Qanon4chan #WeHaveEverything #TrustThePlan #Qanon8chan #GreatAwakening #AdamSchiff #MockingbirdMedia #FakeNews
Read 174 tweets

Trending hashtags

#FUBAR #IIBAWC18 #Aadhaar #Qanon4chan #dirtyjudges #Syria #Yemen #COVERUP #finethread #crimescene #MarchForOurLives #publicdefender #Director #morningtroll #NSA #CNN #Governor #confused #alone #bigdata #whitehousetalk2018 #SoHelpMeGod #BGP #SHADOWBAN #movie
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!