Tag Archives: Matthew Prince

How 1-Time Passcodes Became a Corporate Liability

August 30, 2022
78 Comments

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.

The New Normal: 200-400 Gbps DDoS Attacks

February 14, 2014
68 Comments

KrebsOnSecurity has been targeted by countless denial-of-service attacks intended to knock it offline. Earlier this week, KrebsOnSecurity was hit by easily the most massive and intense such attack yet — a nearly 200 Gpbs assault leverging a simple attack method that industry experts is becoming alarmingly common.

Brute Force Attacks Build WordPress Botnet

April 12, 2013
68 Comments

Security experts are warning that an escalating series of attacks designed to break into poorly-secured WordPress blogs is fueling the growth of a botnet made up of Web servers that could be the precursor to a broad-scale campaign to distribute malicious software and launch debilitating network attacks.

Attackers Hit Weak Spots in 2-Factor Authentication

June 5, 2012
31 Comments

An attack late last week that compromised the personal and business Gmail accounts of Matthew Prince, chief executive of Web content delivery system CloudFlare, revealed a subtle but dangerous security flaw in the 2-factor authentication process used in Google Apps for business customers. Google has since fixed the glitch, but the incident offers a timely reminder that two-factor authentication schemes are only as secure as their weakest component.

In a blog post on Friday, Prince wrote about a complicated attack in which miscreants were able to access a customer’s account on CloudFlare and change the customer’s DNS records. The attack succeeded, Prince said, in part because the perpetrators exploited a weakness in Google’s account recovery process to hijack his CloudFlare.com email address, which runs on Google Apps