back to article Alleged SIM swapping crypto-crooks cuffed, iOS app snooping, ad-fraud botnets, and more

Here's a summary of more infosec news beyond what we've already reported this week – enjoy. Beware of pretend Italian plumbers bearing gifts: Mario, the beloved video game plumber with a porn-star mustache, should be treated with caution, according to security shop Bromium. Well, at least images of him. Engineer Matthew Rowen …

  1. Version 1.0 Silver badge

    Are Internet users part of a "Criminal Enterpise"?

    While I've been a firm supporter of free access for all to the Internet for years, I'm starting to think that it's a lot like frying bacon in the nude these days. Yum, nice crispy bacon, oh damn another spot of hot oil just landed!

  2. macjules


    Apple has reminded iOS app developers not to use code that monitors exactly how people use their software without informing them.

    Only Apple are allowed to develop code that monitors users without informing them.

  3. leexgx

    Sms should not be used for 2fa

    It should be an 2fa app, that requires the person unlock the phone < fingerprint or unlock pin> like Microsoft authenticator app or yahoo mail app does it when you turn it on, personally it should be enabled by default (on 2fa/yes-no apps)

    and 10 backup 1 time use codes

    Never sms (but Google and Ms you still have to use mobile number or other email for account recovery unless it's in hardened mode for Google)

    Sms 2fa is done because its consumer friendly

    1. David Nash Silver badge

      Re: Sms should not be used for 2fa

      If you have your phone set up not to display the content of SMS until unlocked, should be OK, no?

      1. It's just me

        Re: Sms should not be used for 2fa

        No! SIM swapping, as referred to in this article, and SS7 exploits among others allow someone else to intercept your 2FA codes.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon