Security

Security is one of the most significant considerations when owning any technology, as you can lose data and finance if not careful. You’ll find articles here that cover various apps and options, threats to browser and device security, and some tips.

Hacker

Hackers steal millions of Authy 2FA phone numbers

Malicious actors have managed to steal more than 33 million phone numbers used by users of the two-factor authentication service Authy. Authy is a popular security application to manage authentication codes for […]

With Kaspersky banned in the US, what should customers do?

The United States are banning Kaspersky products. Starting July 20, Kaspersky is no longer allowed to sell its products to new customers. Software updates remain available until September 29, 2024. Customers who […]

How long does it take to crack a password in 2024?

Password cracking tools improve all the time. With AI entering the game, the time to brute force passwords has been reduced significantly already and continues to be reduced. Password guidelines and rules […]

Tunnelvision

TunnelVision attack against VPNs breaks anonymity and bypasses encryption

Researchers from Leviathan Security have discovered a new vulnerability that affects virtual private networks (VPNs) on most platforms. VPNs serve multiple purposes. They encrypt all traffic when connected to a VPN server […]

Bitwarden Authenticator

Bitwarden launches standalone Bitwarden Authenticator app

Bitwarden has released a first public version of Bitwarden Authenticator, a two-factor authentication app for Android and iOS. The app generates codes for services, which are then required to sign to accounts. […]

bitwarden

Bitwarden launches passkeys support in mobile apps for Android and iOS

Users of the password management solution Bitwarden are one step closer to full passkeys support. The organization launched new beta apps for Android and iOS earlier this month that introduced limited passkeys […]

Intel

Microsoft publishes new Registry security mitigation for Intel processors (Spectre)

About six years ago, vulnerabilities were discovered that affected most Intel and AMD processors. The vulnerabilities, Spectre and Meltdown, can be exploited to read sensitive data from attacked computer systems. Intel released […]

KeePassXC adds support for Passkeys, improves database import from Bitwarden and 1Password

KeePassXC has been updated to 2.7.7. The latest version of the open source password manager adds support for Passkeys, and has gained the ability to import your vault data from Bitwarden. Passkeys […]

ADVERTISEMENT
Malwarebytes 5

First look at Malwarebytes 5.0

It took Malwarebytes nearly five years to release the next iteration of its Malwarebytes security program. Malwarebytes 5.0 is available now for all supported operating systems (Windows, Mac, iOS, and Android). Malwarebytes […]

RustDoor malware targets macOS users by posing as a Visual Studio Update

RustDoor malware targets macOS users by posing as a Visual Studio Update

A new malware called RustDoor is targeting macOS users. The malware has been undetected for 3 months, and poses as a Microsoft Visual studio Update. The malware was discovered by Bitdefender. A […]

keys

KeePass 2.56 released: options search and history improvements

The developer of the free password manager KeePass has released version 2.56 of the Windows application. KeePass is a local password manager by default; this means that it does not require a […]

70 million account credentials were leaked in a massive password dump

70 million account credentials were leaked in a massive password dump

A security researcher has unearthed what appears to be one of the biggest password dumps ever. Over 70 million unique credentials have been leaked on the dark web. The news came to […]

bitwarden

Bitwarden: how to create and use Passkeys to sign in

Bitwarden users have a number of options already when it comes to signing-in to their vaults. They can use a master password and improve security by adding a two-factor authentication option to […]

LastPass is enforcing some security changes for user accounts

LastPass is enforcing some security changes to user accounts

LastPass is making some changes to enhance the security of its to user accounts. The news comes as a follow-up to the company's plans to enforce stronger passwords a few months ago. […]

Its Groundhog Day at Microsoft! Vulnerability patched again

Remember the movie Groundhog Day? Bull Murray plays a rather self-centered weatherman who finds himself in a time loop on Groundhog Day. Windows administrators may have similar feelings to Murray's in regards […]

Password

The most popular passwords of 2023 are easy to guess and crack

Each year, analysts at various Internet security companies release lists of the most used (and known) passwords. These lists are based on leaked password database data. The passwords that are on these […]

Protect your Discord account with a Security Key

Users of the chat app Discord may now protect their accounts using security keys. The developers of Discord have added the option to the existing arsenal of multi-factor authentication options that the […]

Scam or not? BitDefender's Scamio AI promises to have the answer

Scamio is a new AI tool that promises to help Internet users combat scams. Spam and scams are common on today's Internet. Especially users who are not tech-savvy may have difficulties distinguishing […]

If your Windows PC freezes, Avira security software may be the culprit

A recent update for Avira antivirus software for Windows seems to have a negative impact on system stabilization for some users. For a couple of days, Avira users have reported issues with […]

LogoFail vulnerability affects many Windows and Linux devices

Many commercial computers are vulnerable to a set of vulnerabilities that exploit flaws in the processing of startup logos during boot. Security researchers at Binarly have disclosed security vulnerabilities in system firmware […]

How to transfer files from Android to PC or Mac

BLUFFS: new Bluetooth vulnerability discovered that affects most devices

BLUFFS is an acronym for a new Bluetooth vulnerability that security researcher Daniele Antonioli disclosed recently. BLUFFS, which stands for Bluetooth Forward and Future Secrecy, is actually a set of six unique […]

Okta Hack

When will the cybersecurity company Okta ensure its own security?

On Tuesday, Okta revealed that hackers had stolen data from all of its customer support users in a major breach of its customer support system. The company had previously said that only […]

iPhone NameDrop warning

MDP warns parents about this iOS feature

In a recent social media post, the Middletown Division of Police in Ohio has put an iPhone NameDrop warning for parents. Introduced in the iOS 17 update, this feature allows users to […]

Enable 256-bit Bitlocker encryption on Windows 11 to boost security

Bitlocker is the default encryption technology of the Windows operating system. It is used widely on Windows, but some users prefer third-party solutions, such as VeraCrypt. What many users of Bitlocker don't […]

How did Welltok data breach happen

Data of 8.5 million patients compromised in the United States

Healthcare SaaS provider Welltok has disclosed a data breach that has compromised the personal information of nearly 8.5 million patients in the United States. Welltok works with healthcare providers across the US, […]

Security researchers bypass Windows Hello fingerprint authentication

Security researchers at Blackwing Intelligence managed to bypass Windows Hello fingerprint authentication on devices with the three most used fingerprint sensors on Windows. The researchers were asked by Microsoft's Offensive Research and […]

Protect your eBay account with Authenticator apps

Users of eBay had several options up until now to improve account login security using 2-step verification. They could get texts or emails from eBay that contain the code, or get codes […]

CVE-2023-4966 expose Citrix Bleed

CVE-2023-4966 vulnerability becomes a global problem

Threat researcher Kevin Beaumont has been tracking attacks against various companies, including the Industrial and Commercial Bank of China (ICBC), DP World, Allen & Overy, and Boeing, and found they had something […]

Mullvad's public encrypted DNS Servers run in RAM now

Sweden-based VPN provider Mullvad announced today that its public encrypted DNS servers run fully in RAM. The announcement comes less than two months after Mullvad completed the migration of its VPN infrastructure […]

chinese hackers breach us government

Suspicious Microsoft Authenticator requests don't trigger notifications anymore

Microsoft Authenticator will suppress suspicious authentication prompts to protect users against social engineering attacks. Microsoft has now enabled the security feature, which it unveiled back in August 2023. Microsoft Authenticator is a […]

Apple Find My network keylogger

Be careful if you use Apple's Find My network

Apple's "Find My" network is a powerful tool that can help users locate their lost or stolen devices. It works by using a combination of GPS and Bluetooth signals from other Apple […]

What is CVSS 4.0 and how to prepare for it

CVSS 4.0 standard has been released

The Common Vulnerability Scoring System (CVSS) is an open standard for assessing the severity of computer security vulnerabilities. CVSS scores are used by organizations and individuals around the world to prioritize vulnerability […]

Latest Bitwarden update introduces support for saving passkeys

A new version of the open source password manager Bitwarden is now available. Bitwarden 2023.10.0 introduces a number of important features to the password manager. Noteworthy additions are supported for saving passkeys […]

McAfee Celebrity Hot List 2023

And the phishing Oscar goes to...

Cybercriminals are constantly evolving their tactics to exploit the latest trends and technologies. One way they do this is by using the names of popular celebrities to create phishing scams and other […]

StripedFly malware

Watch out for StripedFly malware

Cybersecurity researchers have discovered a sophisticated cross-platform malware platform named StripedFly malware that has infected over 1 million Windows and Linux systems since 2017. The malware, which was wrongly classified as just […]

Tor Browser Security Audit reveals 2 high security issues

The Tor Browser project asked the penetration testers at Cure53 to audit core components of the project. Among the components were the BridgeDB software, building infrastructure, specific Tor Browser alterations and rdsys […]

1Password Okta breach

The fallout from the Okta breach continues

On September 29, 2023, 1Password discovered suspicious activity on its Okta tenant. The investigation revealed that the threat actor used a HAR file stolen in the recent Okta breach to access the […]

VMware Workstation 17.5 Player fixes a security issue

If you use VMWare Workstation Player to run virtual machines on your devices, you may want to update the existing version of the application to the newly released 17.5 version. VMWare Workstation […]

Dashlane limits Free users to 25 passwords starting next month

Users of the free version of the Dashlane password manager will soon have to cope with a severe limitation. Starting on November 7th, 2023, Dashlane Free will support a maximum of 25 […]

Old WinRAR vulnerability is exploited by government-backed actors

WinRAR users who have not updated the archiving software in some time may want to do so immediately. A report by Google's Threat Analysis Group TAG suggests that government-backed actors are exploiting […]


SPREAD THE WORD

GHACKS NEWSLETTER SIGN UP

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up