CyberMedics

Is SecuX the only 'unclonable' key on the market? youtube.com/shorts/45gb3tH… @Yubico @FIDOAlliance @nitrokey @FIDOTrustKey @authentrend @onlykeyo @OneSpan @BluinkLtd @1KosmosBlockID @FEITIAN_Tech @bitwarden @EnsurityTech @Entersekt @HIDGlobal @hideez @HyprCorp @SecuXwallet

@key9identity Any experience with SecuX PUFido key?

We are proud to be FIDO Alliance "Passkey Pledge" signers. Unlike legacy Identity Providers, we are "all in" on #Passkeys and #Passwordless technologies. Our mission is to drive adoption, make companies secure, and make Identity easy. fidoalliance.org/passkeypledge/

@vtslkshk In general, never click on an email link. Especially from an unknown source. Remove SMS second factor from your accounts, were possible at hardware security keys for account authentication.

🚨X phishing alert: just got a legit looking email saying that there was a suspicious log in to my account. I have TOTP 2FA enabled but still decided to change my password and clicked on the link. Turns out it takes you to a third-party app "X Support Department" seeking access to your account. A clear scam/phishing attempt. NEVER authorize any such app ever and always double-check the FROM email ID before taking any action. @nikitabier @elonmusk

@scredcpt @TeamYouTube What 2 FA was on your account security? You may want to review all of your account to make sure you have a strong second factor authentication other than SMS messaging. It is the least secure method for securing account access.

@TeamYouTube My YouTube channel got hacked. The hacker managed to remove my 2FA, recovery mail and phone number, they even added a physicall key of their own. I lost years of work and dedication on the platform, I had +11k subs.

@scredcpt @TeamYouTube Have you contacted the YouTube channel hacked account Support? support.google.com/youtube/answer…

@ProfSteveKeen @Google Hardware keys like AuthenTrend and Yubico are your strongest defense against phishing and account takeover. Simple setup, powerful protection. #CyberSecurity #Tech #AuthenTrend #Yubico #HardwareSecurity @Yubico @authentrend @FEITIAN_Tech @SecuXwallet

. @Google my debunking account now appears compromised. The password was changed yesterday--and not by me--and ow I'm getting "verify" messages from you that I expect are the scammer trying to crack my security. What can I do?

@ProfSteveKeen @Google Reset the password. Regenerate backup codes. Add an authentication app independent of Google. Remove SMS 2 FA. Add two Hardware security keys.

@imfastasfsckboi Spot on! Financial institutions in general…security is minimal. SMS F-

Dear financial companies, If you're using SMS to authenticate my account in any way, you don't have the security moral high ground to send me lecture-spam about fraud tactics scammers might use. Get your shit together. XOXO HTH

@morrisfrance @Meta @facebook Would you mind sharing what type of second factor authentication you had on the account? We’ve been trying to help protect people from this exact sort of thing of losing account access.

@Meta @facebook disabled my account again without doing anything. Can you fix your security system?

@AntonStetner @Meta @facebook @instagram Reach out to us directly we can do anything to help.

@CyberMedicsOrg @Meta @facebook @instagram Facebook was push notification to phone and email Instagram was text / email code plus authenticator app

Urgent Request: Account Recovery and Review of Meta Verification Failure @Meta @facebook @instagram. As a Meta Verified user with two-factor authentication (2FA) enabled, I expect a high standard of security and support, especially as someone who runs a business and creates content on your platforms. Unfortunately, your system has failed me on both fronts. Despite having 2FA in place, a third party was able to access my accounts without my authorization. I even actively denied the 2FA prompt, yet access was still granted. The result? My accounts were compromised, spam content was posted, and the accounts were ultimately disabled. To make matters worse: No meaningful communication has been provided to help resolve this situation. Support channels are nearly impossible to access, despite my verified status. Now, your system is introducing new hurdles—such as requiring an authenticator app for Facebook login, even though it was only ever enabled on Instagram. This inconsistency is further complicating recovery efforts. This is not just a security oversight; it is a systemic failure; one that puts creators and business owners at risk. We rely on your platforms to engage audiences, run ads, and generate income. The inability to restore service promptly and communicate clearly is unacceptable. Please escalate this issue immediately and take action to: 1. Review the 2FA breach and authentication logs. 2. Reinstate the affected accounts. 3. Provide direct support and communication to resolve any remaining recovery issues. Meta must do better. Verified users deserve systems that work and support that responds.

@AntonStetner @Meta @facebook @instagram Have you secured your email with a strong second factor authentication like authentication app or HW security key? Would remove text notifications from all second factor authentication. It is the least secure method for validating account authentication.

@AntonStetner @Meta @facebook @instagram Hardware keys like AuthenTrend and Yubico are your strongest defense against phishing and account takeover. Simple setup, powerful protection. #CyberSecurity #Tech #DataProtection #AuthenTrend #Yubico #HardwareSecurity @Yubico @authentrend @FEITIAN_Tech @SecuXwallet

@BleepinComputer PUFido Physically unclonable functions (PUFs) are being used by FIDO Complaint hardware security key companies, such as @SecuXwallet facebook.com/share/1FGbJcSJ… @Yubico @FIDOAlliance

A new "EUCLEAK" attack on FIDO devices, such as the YubiKey 5, can extract secret keys and clone the FIDO device. However, the attacks require physical access to the device and specialized equipment, mitigating the risk for the majority of users. bleepingcomputer.com/news/security/…

@TheHackersNews PUFido Physically unclonable functions (PUFs) are being used by FIDO Complaint hardware security key companies, such as @SecuXwallet facebook.com/share/1FGbJcSJ… @DHSgov @FIDOAlliance @Yubico @authentrend @TheHackersNews @lonseidman @kimkomando @Bitwarden

Titan Security Keys — Google launches its own USB-based FIDO U2F physical security keys. thehackernews.com/2018/07/google… It includes a firmware developed by Google that verifies the integrity of security keys at the hardware level for stronger two-factor authentications.

@KeePassXC @marektoth @NordPass @ProtonPass @roboform @dashlane @Keeper @Bitwarden @LastPass @1Password @EnpassApp @LogmeOnce Blog summary should be updated From Blog Fixed: NordPass, ProtonPass, RoboForm, Dashlane, Keeper Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce

@CyberMedicsOrg @marektoth @NordPass @ProtonPass @roboform @dashlane @Keeper @Bitwarden @LastPass @1Password @EnpassApp @LogmeOnce Not true anymore

We loved your article on Password Manager extension clickjacking attacks. We would love it if you evaluated KeePassXC as well and included it as an addendum to your blog. @marektoth marektoth.com/blog/dom-based…

@EnpassApp @marektoth @KeePassXC @NordPass @ProtonPass @roboform @dashlane @Keeper @Bitwarden @LastPass @1Password @LogmeOnce Blog summary should be updated. From Blog Fixed: NordPass, ProtonPass, RoboForm, Dashlane, Keeper Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce

@CyberMedicsOrg @marektoth @KeePassXC @NordPass @ProtonPass @roboform @dashlane @Keeper @Bitwarden @LastPass @1Password @LogmeOnce Thank you for staying vigilant. Fix for the reported extension security issue was made available on August 13th in Enpass v6.11.6 and above for all browsers. Details: enpass.io/release-notes/… The original reporter has confirmed the fix: marektoth.com/blog/dom-based…

@Yubico Would appreciate your feedback on passkey video. youtu.be/cMZrfXu9ehk?si…

Small businesses are increasingly a top target for phishing attacks. 🎯 As bad actors become increasingly sophisticated with AI, learn how SMEs can combat evolving cyber threats. 🤖 startupsmagazine.co.uk/index.php/arti…

@beyondidentity @tiktok_us @Jingg_n_Tonic Thank you for the video description. Very well received. Here’s a video we did on pass keys. Would appreciate your feedback. youtu.be/cMZrfXu9ehk?si…

With @tiktok_us being the latest tech giant to take a step forward in adopting passkeys, we've seen a lot of confusion around what passkeys are and aren't. Resident expert @Jingg_n_Tonic is here with a quick refresher! #Passkey #TikTok #Cybersecurity #ZeroTrust

@vibronet @FIDOAlliance Would appreciate your feedback on our video of Paske’s trying to explain their use. youtu.be/cMZrfXu9ehk?si…

Tricky things about #passkeys: even identity experts don't always have a clear idea of what the term indicates. I find myself having to explain it all the time, so I put together a visual to help me do that. 🧵 If you consider the space of all @FIDOAlliance credentials: