New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Ring Doorbell Forces Two-Factor Authentication

The Ring doorbell camera system has become one of the most popular home security add-ons in recent years, but some people have questioned the security of the Internet of Things (IoT) devices. On Feb 18th, Ring president Leila Rouhi published a blog post that stated that the once optional two-factor authentication (2FA) will now become mandatory for all Ring accounts. With a large number of users who reuse passwords across multiple accounts, forcing 2FA will help add a layer of security to keep unauthorized users from gaining access. Leila Rouhi also stated that the company is changing how it shares data with third-party providers.

For more information, see: https://nakedsecurity.sophos.com/2020/02/20/ring-makes-2fa-mandatory-to-keep-hackers-out-of-your-doorbell-account/

Analyst Notes

: Some methods can be used to increase security across all online accounts. This is not a complete list, but includes some best practices to protect accounts from being compromised:
• Never reuse passwords; always make a unique password for each account. This way, if an attacker does obtain a password from one service, they will not be able to use it on across multiple accounts.
• Turn on 2FA whenever possible. Even if an attacker guesses the password to an account, they will not be able to compromise it without having access to the physical device, such as a phone, used to generate authentication codes.
• View and manage trusted devices. For online accounts that list trusted devices, users should review this list periodically to make sure only the devices that they choose are listed. Any unknown devices should be removed.
• Add shared users. Instead of sharing login credentials with others, add authorized users to the account and give them the permissions that they need.