Hot Topics

KeePass

ķ≠k

KeePass Malicious Ads: Google Goof Permits Punycode Attacks Again

| | IDN, IDN homograph phishing, internationalized domain names, KeePass, Punycode, SB Blogwatch
Mote below k: Not only malvertising, but also “verified by Google.” ...
Security Boulevard
Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass

Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass

| | 1Password, 2fa, Bitwarden, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, facebook, google, Google Play, Hacking, Information Security, Infosec, KeePass, lastpass, Meta, mobile application, mobile apps, open source, password managers, passwords, Podcast, Podcasts, Privacy, Reward Apps, security, technology, two factor authentication, vulnerability, Weekly Edition
The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of ...
The Shared Security Show
Another Password Manager Leak Bug: But KeePass Denies CVE

Another Password Manager Leak Bug: But KeePass Denies CVE

| | CVE-2023-24055, default settings, Dominik Reichl, KeePass, open source, password managers, SB Blogwatch
Two researchers report vulnerability in KeePass. But lead developer Dominik Reichl says it’s not a problem—and refuses to fix the flaw ...
Security Boulevard

Top 10 Cybersecurity and Privacy Resolutions

| | android, apple pay, credit card fraud, Credit freeze, Cybersecurity, Faraday Bag, fcc, Firefox, Google Pay, iPhone, KeePass, Multi-Factor Authentication, password manager, passwords, patching, Phishing, Podcast, Podcast Episodes, Privacy, Privacy Screen, Samaung Pay, Silent Pocket, two factor authentication, Vulnerabilities, web browser, webcam, Weekly Blaze Podcast
In episode 101: Start the new year off right by following our top 10 cybersecurity and privacy resolutions! ** Show notes and links mentioned on the show ** Recommended Password Managers KeePass ...
Shared Security Podcast
Facebook Popup Phishing Page (Social Login)

Google Nest’s Secret Microphone, Facebook Login Phishing, Password Manager Vulnerabilities – WB57

| | 1Password, Cybersecurity, Dashlane, facebook, google, home security, KeePass, lastpass, Myki, Nest, password manager, password managers, passwords, Phishing, Podcast, Podcast Episodes, Privacy, Vulnerabilities, Weekly Blaze Podcast, Windows
This is your Shared Security Weekly Blaze for February 25th 2019 with your host, Tom Eston. In this week’s episode: Google Nest’s secret microphone, a new Facebook login phishing campaign, and vulnerabilities ...
Shared Security
Researchers extract master password in cleartext from 1Password

Researchers extract master password in cleartext from 1Password

| | 1Password, Dashlane, Industry News, KeePass, lastpass, memory scrubbing, Password, password manager, password scrubbing, password stuffing, sensitive memory
Regular internet users today juggle numerous accounts on various platforms and websites, often using the same weak password for all of them. Tech-literate users employ different passwords for different accounts, and strong ...
HOTforSecurity
The Year Targeted Phishing Went Mainstream

The Year Targeted Phishing Went Mainstream

| | A Little Sunshine, Dashlane, Exploit Kit, KeePass, lastpass, Phishing, sextortion, The Coming Storm, Typosquatting
A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site ...
Krebs on Security
Google: Security Keys Neutralized Employee Phishing

Google: Security Keys Neutralized Employee Phishing

| | Chrome, Dashlane, dropbox, Duo Security, edge, facebook, FIDO Alliance, Firefox, Firefox Quantum, GitHub, Google Advanced Protection, KeePass, lastpass, Microsoft, opera, Safari, Security Keys, Security Tools, U2F, Web Authentication API, WebAuthn, World Wide Web Consortium, Yubikey
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of ...
Krebs on Security