The Diary Game visit to a historical Pakistan by @ yasminsadiq ##Microsoft faces the larges DDos attack in history
Tha
t’s about to end now as Microsoft is officially burying the project this year. In a recent FAQ page published by Microsoft titled “Windows 10 Mobile End of Support: FAQ” the Redmond giant clarified a few things.
For the question titled “What should Windows 10 Mobile customers do now?” Microsoft recommends that users should switch to a supported Android or iOS device.
Security updates and support of all types will end for the OS from December 10th this year. However, third-party apps that support the platform will continue working normally.
For phones with Windows 10 Mobile Version 1709, support will last until 10th December. But, for Lumia 640 and 640 XL on Windows 10 Mobile Version 1703, support will end a few months earlier on June 11th.
If you still have a Windows phone, Microsoft asks that you make a back up of your data using the built-in tool before support ends (June 11 for the older version). This is because the tool would also stop working after the deadlineMicrosoft has successfully avoided the largest Distributed Denial of Service (DDoS) attack in history. The company said that its Azure cloud service mitigated a total of 2.4 terabytes per second (Tbps) DDoS attack, which is the largest recorded DDoS attack to date.The blog, citing Microsoft’s internal statistics, details that users who had enabled multifactor authentication on their accounts were able to block around 99.9 percent of automated attacks. However, users should always stay away from phone-based multifactor authentication since the system is home to several known security issues. Although there have been no recorded security breaches when it comes to MFA, to be on the safe side, Microsoft users should avoid them.
According to the Microsoft executive, both SMS and voice calls are transmitted in cleartext. Attackers can easily intercept them using tools like software-defined-radios, FEMTO cells, or SS7 intercept services. Moreover, SMS-based one-time codes are phishable. The attackers don’t even need special tech for that. They can simply use open source and readily-available phishing tools like Modlishka, CredSniper, or Evilginx.
Weinert has called SMS and Voice calls the ‘Least secure MFA method today’ and he believes that this gap between SMS & voice-based MFA “will only widen” in the future.
As more users adopt MFAs for their accounts, attackers will become more interested in breaking MFA methods, which is easier with SMS authentications and voice calls.
Plagiarism is strictly prohibited in the community. I have warned you second time. You are banned from any kind of support from the community for one week.