security

The Urgent Need to Replace SMS-based MFA

FBI and CISA urged against SMS-based MFA due to interception risks, especially after cyberattacks like Salt Typhoon. Security experts have long advised moving to stronger alternatives. SMS can be compromised through SIM swapping, smishing, and MitM attacks. Despite its vulnerabilities, it's still widely used. Companies need layered approaches to replace SMS with secure options like FIDO, non-SMS authenticator codes, and password managers. Strong authentication should be enforced across all organizational levels, as weaker accounts are often less secured.

https://blog.1password.com/sms-based-mfa-risks/

Malware With Screen Reading Code Found in iOS Apps for the First Time

Malware featuring screen reading code, called “SparkCat,” has been discovered in iOS Apps, enabling the extraction of sensitive data from screenshots. Identified by Kaspersky, this malware uses OCR technology to target crypto wallet recovery phrases, posing a risk of cryptocurrency theft. Apps like ComeCome, WeTink, and AnyGPT have been linked to this issue. The malware has been active since March 2024 and although similar threats were previously found on Android and PC, this marks the first instance on iOS. Recommendations include avoiding saving sensitive screenshots in photo libraries.

https://www.macrumors.com/2025/02/05/ocr-malware-app-store/

Introducing the New 1Password Community

1Password Community launches, enhancing user connection, support, and resources. Improved design, centralized resources, dedicated spaces for admins and developers, and interactive events enrich engagement. Features for business admins, developers, and home users foster collaboration and learning. A Champion program promotes thought leadership. Community team introduced for assistance. Users encouraged to participate and provide feedback for future growth.

https://blog.1password.com/1password-community-launch/

Exploring the Unlikely Relationship Between Hackers and the State With Emily Crose

Emily Crose, a cybersecurity expert, explores how hackers evolved from outsiders to collaborators with governments in her book, Hack to the Future. She discusses hacker motivations, the historical context of hacking, and its relationship with politics through a podcast interview. Crose addresses shifts in hacker culture, citing influential events like the Morris worm and the Melissa virus, which altered public and governmental perceptions of hackers. She notes the transition from adversarial to collaborative relationships with authorities, emphasizing the need for constructive engagement over criminalization. The interview also examines the implications of cyber warfare and offers insights for ethical considerations in working with government agencies. Crose's website provides further information and resources related to her work and upcoming audiobook release.

https://blog.1password.com/hackers-state-emily-crose-interview/

Introducing 1Password Marketplace: Your Hub for All 1Password Integrations

1Password Marketplace now centralizes all integrations, including for Extended Access Management, Passage, and Developer tools. Admins can easily connect identity providers and link with SIEM tools. Developers can automate secrets management and create integrations. The Marketplace is user-friendly, allowing for browsing and filtering of integrations without login. Future updates will introduce more integrations, including features for building and submitting new ones. Explore all supported integrations at 1Password Marketplace.

https://blog.1password.com/1password-marketplace-integrations/

Scroll to Top