Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes Monday through Friday.


hpr3719 :: HPR News

InfoSec; the language of security.

Hosted by Some Guy On The Internet on Thursday 2022-11-03 is flagged as Clean and is released under a CC-BY-SA license.
Tags: InfoSec, Typosquatting, SFA, 2FA, MFA, Security.

What is Typosquatting and How Do Scammers Use it?


Two-factor and Multifactor Authentication.

  • First, authentication. This is the process of verifying the validity of something; in our case, user credentials/identity. The most common way to authenticate is: USERNAME and PASSWORD. This is just a single layer (single-factor authentication) and isn’t enough to discourage attackers.

  • Second, 2FA (Two-factor Authentication). 2FA increases the difficulty for attackers by giving users an additional layer of security to pass during authentication. Common 2FA methods are: TOTP/OTP (the One Time Password), Authenticator Applications (Bitwarden, KeePassXC, ...), and Security Keys (Yubikey). This works similarly to an ATM: to authenticate, the user must provide both knowledge (account PIN) and a physical object (bank card).

  • Last, but not least, MFA (Multifactor Authentication). Similar to 2FA, MFA offers users security with the addition of biometrics (fingerprint scan, retina scan, facial recognition, and voice recognition). Attackers must overcome the knowledge factor, possession factor, inherence/biometric factor, time factor, and sometimes location factor.

  • MORE helpful security information.

  • 2FA/MFA Known Attacks.
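
The difference between single-factor and two-factor authentication described in the bullets above, as an added example that is not part of the original show notes: a login check that requires the password (knowledge) and a TOTP code (possession), so a stolen password alone is rejected. The function names, the account record, the PBKDF2 parameters and the sample password are assumptions; the TOTP secret is the published RFC 6238 test key.

```python
import hashlib
import hmac
import struct
from typing import Optional

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): an HOTP value over the 30-second time counter."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def knowledge_ok(account: dict, password: str) -> bool:
    # Factor 1: something the user knows. Constant-time comparison of hashes.
    return hmac.compare_digest(hash_password(password, account["salt"]), account["pw_hash"])

def possession_ok(account: dict, code: str, now: int, drift: int = 1) -> bool:
    # Factor 2: something the user has (the device holding the shared secret).
    # Accept the current time step plus `drift` steps either side for clock skew.
    return any(
        hmac.compare_digest(totp(account["totp_secret"], now + d * 30).encode(), code.encode())
        for d in range(-drift, drift + 1)
    )

def login(account: dict, password: str, code: Optional[str], now: int) -> str:
    if not knowledge_ok(account, password):
        return "denied"
    if account.get("totp_secret") is None:
        return "ok-single-factor"  # password-only account: one layer
    if code is None or not possession_ok(account, code, now):
        return "denied"  # a correct password alone is not enough
    return "ok-two-factor"

# Constructed sample account for the demonstration (not real credentials).
SALT = b"constructed-salt"
ACCOUNT = {
    "salt": SALT,
    "pw_hash": hash_password("correct horse", SALT),
    "totp_secret": b"12345678901234567890",  # RFC 6238 test key
}
```

A production verifier would also record the last accepted time step per account and reject a code that has already been used.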


Comments

Comment #1 posted on 2022-11-04T16:28:42Z by mike M.

Another form of typosquatting

Here is another way of typosquatting:
https://youtu.be/2JPnwqbVIuQ
