#auth

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices.

The deal will enhance 1Password Extended Access Management offering with capabilities to address challenges around software-as-a-service sprawl and shadow IT.

Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August.

The sprawling social media and gaming platform says that being considered a Chinese military business must be a mistake.

Misconfigured license-plate-recognition systems reveal the livestreams of individual cameras and the wealth of data they collect about every vehicle that passes by them.

The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.

The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites.

### Impact Users of WireGuard Portal v2 who have OAuth (or OIDC) authentication backends enabled can be affected by an Account Takeover vulnerability if they visit a malicious website. ### Patches The problem was fixed in the latest alpha release, v2.0.0-alpha.3. The [docker images](https://hub.docker.com/r/wgportal/wg-portal) for the tag 'latest' built from the master branch also include the fix.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

We can't put defense on hold until Inauguration Day.