GitHub to require 2FA for all developers who contribute code
The move aims to strengthen the software supply chain and prevent attacks from bad actors through social engineering or similar account takeover attempts. The two-factor authentication mandate was initially announced by GitHub last May with the intention of making it mandatory by the end of 2023.
... Read more
GitHub will require two-factor authentication from all users in 2023
The new policy applies to anyone who contributes code to the platform.
GitHub announced this week that it will require all users to enable two-factor authorization (2FA) by the end of 2023. To be clear, the policy will apply not just to developers who contribute code to the GitHub website, but t... Read more
PyPI packages under attack after phishers target developers
Developers and maintainers of PyPI are under attack by digital scammers through email phishing.
Several PyPI developers and maintainers have fallen for phishing scams conducted by digital scammers. The malicious campaign was disclosed by Adam Johnson, a project board member at Django, who receiv... Read more
GitHub imposes 2FA on all contributors
GitHub wants to arm itself against supply chain attacks. Two-factor authentication (2FA) will be mandatory for all users who upload code to the platform.
Users who contribute code, use Actions, open pull requests or merge and publish packages are obliged to use 2FA. Every end user lacking 2FA w... Read more
GitHub announces two-factor authentication mechanism
Github realizes the need for the hour and has announced its very own two-factor authentication mechanism.
The world is realizing the importance of data security. Thus, Github has recently announced the integration of two-factor authentication into its platform. They have enabled this through an ... Read more
Google plans to turn on 2FA by default for 150M users
In May, Google announced that it plans to enable 2FA (two-factor authentication/two-step verification) by default to enhance security for accounts. As it celebrates Cybersecurity Awareness Month, Google is once again reminding us that it will enable two-factor for 150 million more accounts by the e... Read more
GitHub is transitioning users to 2FA
GitHub users are urged by the platform to enable two-factor authentication, as it seeks to change how accounts are protected from attacks.
GitHub’s Mike Hanley posted a blog this week saying that beginning August 13, GitHub stopped accepting account passwords when authenticating Git operations... Read more
Dutch researchers discover malware strain that bypasses Authenticator
The use of two-factor authentication is pushed by security firm as one of the better methods for users to monitor their login details, but researchers have uncovered a vulnerability. A new version of the malware Cerberus could pick up and use the codes generated by Google Authenticator.
Google A... Read more
GitHub announces support for Web Authentication
GitHub has announced support for the Web Authentication (WebAuthn) security standard. The new standard aims to make accounts more secure against cybercriminals.
Inadequate security of GitHub accounts can lead to cyber criminals accessing backdoors in open source code or passwords. They could al... Read more
Bypassing fake crypto-currency apps two-step authentication on Android.
ESET researchers have found apps that impersonate the Turkish BtcTurk crypto exchange, but in reality use new techniques to bypass SMS-based two-step verification (2FA). This also circumvents Google's recent SMS authorisation restrictions.
In March this year, Google decided to restrict the use of SM... Read more