American Hospital Association

H-ISAC TLP White Threat Bulletin: Emerging SMS/Voice OTP Toll Fraud via Account Sign-up and Patient Portal Flows

Health-ISAC is tracking an emerging fraud pattern where threat actors exploit SMS and voice One-Time Password (OTP) mechanisms used in account sign-up, patient portal enrollment, telehealth ...
ZDNet

Google backs Apple's SMS OTP standard proposal

Google is now backing a standard proposed by Apple engineers in January to create a default format for one-time passcodes (OTP) sent via SMS to users during the two-factor authentication (2FA) process ...
ZDNet

Apple wants to standardize the format of SMS OTPs (one-time passcodes)

Apple engineers have put forward a proposal today to standardize the format of the SMS messages containing one-time passcodes (OTP) that users receive during the two-factor authentication (2FA) login ...
Forbes

Under The Microscope: The Risks Of One-Time Passwords' Vulnerabilities

Mike Wilson is the Founder & CTO of Enzoic, a cybersecurity company that helps prevent account takeover of employee and customer accounts. Threat actors continue to target passwords, with the 2024 ...

Google will replace unsafe Gmail SMS codes with QR scan verification

Ever since Google enabled two-step verification for Gmail and other tied authentication protocols in its ecosystem, SMS codes ...
Bleeping Computer

Payoneer accounts in Argentina hacked in 2FA bypass attacks

Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Payoneer is a ...