Security

Security is one of the most significant considerations when owning any technology, as you can lose data and finance if not careful. You’ll find articles here that cover various apps and options, threats to browser and device security, and some tips.

New crypto-mining attack exploits vulnerabilities in Microsoft Exchange ProxyShell

New crypto-mining attack exploits vulnerabilities in Microsoft Exchange ProxyShell

New crypto-mining attack exploits vulnerabilities in Microsoft Exchange ProxyShell A recently discovered malware called 'ProxyShellMiner' takes advantage of the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners within a Windows domain, thereby […]

Three Common Security Errors that Endanger Your Social Media Accounts

Three Common Security Errors that Endanger Your Social Media Accounts

Three Common Security Errors that Endanger Your Social Media Accounts The prevalence of social media hacking has made it a significant security concern, with cybercriminals often targeting unsuspecting individuals. In 2018 alone, […]

SAS

Scandinavian Airlines confirms cyberattack that exposed customer data

Scandinavian Airlines revealed in a security notice published on the SAS Group website that it was the victim of a cyberattack. The attack, which was carried out on February 14, 2023, caused […]

Cybercriminals Use Havoc Post-Exploitation Framework in Attack Campaigns

Cybercriminals Use Havoc Post-Exploitation Framework in Attack Campaigns

Cybercriminals Use Havoc Post-Exploitation Framework in Attack Campaigns According to security analysts, malicious actors have started using an open-source command and control (C2) framework called Havoc as an alternative to more expensive […]

Here are all the changes to 1Password in the new update for Apple devices

Here are all the changes to 1Password in the new update for Apple devices

1Password has released a significant update for its iOS and Mac platforms, as well as Android, PC, and Linux. The update includes over 100 new features, improvements, and bug fixes. Some of […]

There is no official ChatGPT app for iOS and Android

Protect your privacy: Why you should avoid ChatGPT apps on Google Play and App Store

ChatGPT's usage is rising every day, more and more users are flocking to use the chatbot. The popularity of the AI language model has seen the announcement of new tools such as […]

Choosing the Right Passwordless Authentication Method for Maximum Benefits

Choosing the Right Passwordless Authentication Method for Maximum Benefits!

Traditionally, we’ve used passwords as the primary method for authentication, but they come with their own set of drawbacks. Security breaches are a common issue, and it can be challenging to remember […]

Here’s why the future of security is passwordless

The end of passwords as we know it: Why experts say the future of security is passwordless

Over the years, passwords have posed a significant risk to enterprises. The Verizon 2022 Data Breach Investigations Report indicates that nearly 50% of data breaches are a result of stolen credentials. This […]

ADVERTISEMENT
How to solve 10 of the most common web application security vulnerabilities

Is your web app vulnerable? Here's how to solve the top 10 security issues

Developing or using web-based software requires critical consideration of web application security due to the increasing number of online threats. Therefore, it is more crucial than ever to ensure that web applications […]

m2rat attack

Is your device at risk? North Korean group launches new attack with Remote Access Trojan

Infamous North-Korean threat group APT37 has upgraded its arsenal of attacks with a new Remote Access Trojan, that is attacking targets on Windows and mobile devices. The group, known for malicious attacks […]

tor browser onion

Tor network experiencing massive ongoing DDoS attacks

In the past seven months, users of the Tor network may have experienced issues connecting to sites through the network. Issues may have included slow connections while connected to Tor, but also […]

KeePass isn’t as safe as we once thought.

A Closer Look at KeePass: Why Its Reputation as a Safe Password Manager is Being Questioned

With the recent security breaches involving LastPass and Norton Password Manager, it's understandable that people are wary about keeping their passwords in the cloud. That's why there's been a rise in the […]

Should You Use Google Password Manager

Should You Use Google Password Manager?

I don't know about you, but when it comes to creating a password, I like for it to be strong, secure, and unique. For years I used the same password for everything […]

1password

1Password plans to become the first password manager without passwords

Password manager 1Password plans to become the first major password management service that does not require passwords for unlocking user password databases. The company's answer to passwords is passkey, a technology that […]

reddit security incident phishing

Reddit discloses security breach: what you need to know

Reddit disclosed a security breach today on the site stating that a malicious actor managed to gain access to internal servers. The company became aware of a phishing campaign that targeted Reddit […]

Password Manager KeePass 2.53 released with password history improvements

KeePass 2.53.1 password manager resolves vulnerability controversy

KeePass 2.53.1 is a new update for the password manager that addresses a potential vulnerability in the application. Last week, word about a vulnerability in the password manager spread online. Reported by […]

Bitwarden's web vault suffers an outage, apps and extensions were unaffected

Bitwarden's web vault suffers an outage; apps and extensions are safe and unaffected

Bitwarden's web vault suffered an outage today.  The issue affected all users that use the web service, though the password manager service's apps and extensions were unaffected and are completely safe Bitwarden's […]

Dashlane Password Manager has released the source code of its mobile apps

Protect Your Passwords Like Never Before with Dashlane's Mobile Apps Source Code Release

Dashlane Password Manager has released the source code of its iOS and Android apps. Interested users and developers may check the code that are now available on GitHub. Dashane Password open sources […]

keepass key derivation

Improve KeePass security with this simple configuration change

KeePass, like many other password managers, relies on a primary password that protects the entire database of passwords and information. If an attacker manages to obtain that single password, all other passwords […]

Bitwarden Password Manager will add support for Argon2 KDF soon

Bitwarden Password Manager will add support for Argon2 KDF soon

The LastPass data breach caused uproar amongst its users and the tech community, but there are several good things that happened in the aftermath of the incident. It actually taught users a […]

TikTok Search

United States Senator demands TikTok app store ban

In a letter sent to the CEOs of Google and Apple, United States senator Michael Bennet, a member of the Senate Intelligence Committee, demanded that the companies ban the China-based TikTok application […]

How to increase the server-side KDF iterations in LastPass

LastPass Hack-Proof: How to Up Your Security Game Instantly

It has been a couple of months since LastPass suffered what is arguably the worst data breach to ever affect the password manager industry. The way the entire scenario was handled by […]

Bitwarden's Latest Update Takes Security to the Next Level

The recent security breach that affected LastPass has caused ripples across the industry. Norton Password Manager suffered a password stuffing attack, while Bitwarden users have been targeted by phishing ads. Many users […]

App updates

Key Firefox and Android updates you need to be aware of

The new year has brought with it a host of new software updates across a variety of different apps and programs. While many of these updates are routine, with some offering basic […]

Anker privacy policy old

Anker Confirms Eufy Cameras Not Fully Encrypted, Raising Concerns

Anker has finally admitted that its Eufy security cameras were not using end-to-end encryption to protect users' data.  Here's what led to the confession. Security researchers discover flaws in Eufy cameras The […]

Keepass masterkey

KeePass Password Manager Vulnerability: Is Your Data at Risk?

KeePass Password Safe is an open source local password manager for Windows. It is a well designed application that supports plugins and there are numerous forks available for other platforms. The Federal […]

deceptive site 1password

The Hidden Threat: 1Password Password Manager Phishing Ads on Google

The popular 1Password service is the latest cloud-based password manager that is being targeted by scammers. Like the recently reported Bitwarden scam, new and existing users of 1Password are targeted through malicious […]

The Hidden Threat: Bitwarden Password Manager Targeted by Phishing Scams

Scammers are targeting users of cloud-based password managers, including Bitwarden, with phishing attacks. And the mode of attack was malicious ads. Users have reported that they have seen fake advertisements for Bitwarden […]

NortonLifeLock says some Norton Password Manager accounts were compromised

NortonLifeLock says some Norton Password Manager accounts were compromised

A month ago, LastPass suffered one of the biggest security breaches we have seen in the world of password managers. And now, NortonLifeLock has revealed that some of its user accounts have […]

Another password manager is moving beyond passwords

Another password manager is moving beyond passwords

Passwords have been keeping us safe online for years but, according to tech industry big wigs, they are not safe enough. For a while now a group calling themselves the FIDO Alliance, […]

It looks like even Ransomware gangs have limits

It looks like even Ransomware gangs have limits

As the world continues to grapple with the threat of ransomware attacks, it appears that even the perpetrators of these malicious acts have their limits. The LockBit ransomware gang, which offers Ransomware […]

LastPass Security Incident December 2022

Security experts blast LastPass for misleading users about stolen password vaults and data

LastPass suffered two data breaches in a span of 3 months. The first hack occurred in August, while the 2nd one happened sometime later. Martin's write-up explains what LastPass' statement had to […]

onedrive backup

Should you back up important Windows folders to OneDrive?

OneDrive on Windows has a back up feature that many users of the operating system may be unaware of. It requires a OneDrive account, free or paid works, and may be used […]

Bitwarden Unified: easier self-hosting of the password manager

Bitwarden Unified is a new solution for the Bitwarden password manager to host, manage and control the password management infrastructure. It is currently in Beta and developed by Bitwarden itself. The service […]

LastPass Hack Update: user vault data and information stolen

Password management service LastPass announced today that the disclosed password breach of August 2022 was more serious than it thought initially. The update confirms that user vault data and personal information was […]

portable secret

Create encrypted messages, images, files as HTML with Portable Secret

Portable Secret is an open source tool that is designed to encrypt messages, images or files and save them as HTML files. These files may then be shared, opened in any browser, […]

nvidia security update kepler

NVIDIA releases security update for out-of-support graphics cards

NVIDIA released a display driver security update for some of its graphics cards that it no longer supports with regular driver updates. The security update addresses major security issues in the NVIDIA […]

Microsoft Authenticator for watchOS is being discontinued

Microsoft Authenticator for watchOS is being discontinued

The Microsoft Authenticator app for watchOS is being discontinued. The company claims that the app is not compatible with some security features. Microsoft Authenticator for watchOS will stop working in January According […]

file wiper security threat windows

Tricking antivirus solutions into deleting the wrong files on Windows

Security research Or Yair discovered a method to trick antivirus and endpoint security solutions into deleting legitimate files on Windows systems. Yair found out that he could manipulate endpoint detection and response […]

Bitwarden's passwordless authentication step 1

Bitwarden's passwordless authentication method lets you log into your web vault using the mobile app

Bitwarden has introduced a passwordless authentication method. It lets you approve the login request from the mobile app, let's find out more about it. Bitwarden's passwordless authentication system I should mention this […]


SPREAD THE WORD

GHACKS NEWSLETTER SIGN UP

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up