Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident.
Microsoft’s lawyers this week engineered a pair of important takedowns, one laudable and the other highly-charged. The software giant orchestrated a legal sneak attack against the Web servers controlling the Waledac botnet, a major distributor of junk e-mail. In an unrelated and more controversial move, Redmond convinced an ISP to shutter a popular whistleblower Web site for hosting a Microsoft surveillance compliance document.