Posts Tagged password

Password Security Compromised On Andriod

From ArsTechnica:

Clark agreed that any Android-based password manager that uses the OS clipboard is susceptible. He strongly recommends that people stop using any app setup that works this way. Many apps use standalone browsers, browser extensions, or software keyboards to enter credentials into login fields. There is no evidence they are susceptible to sniffing. The reason ClipCaster takes special aim at LastPass, Clark said, is simple. It just happened to be the manager he installed on his phone. There are no reports that password managers running on iOS or Windows Phone are vulnerable. But there can be way to know for sure, since Ars is unaware of the any comprehensive study testing the security of managers on those platforms.

 

, , , ,

No Comments

1.2 Billion Passwords Stolen by Gang in Russia

From USA Today:

Security researchers say a Russian crime ring has pulled off the largest known theft of confidential Internet information, including 1.2 billion username and password combinations and more than 500 million email addresses.

, , , , ,

No Comments

Spy Apps For the Individual

Silent Circle – Secure Communications

Photo Trap – Tamper Detection

Life360 – Safety and Tracking

1Password – Secure Password Management

iDiscreet – Data Encryption

Norton Mobile Security – Firewall for Phones

, , , , , , ,

No Comments

The Cyber Security Industrial Complex

From: MIT

A claim by Wikileaks that documents it released last week provide evidence of a “secret new industry” of mass surveillance was as breathless as previous pronouncements from Julian Assange’s organization. But the material does provide a stark reminder that our online activities are easily snooped upon, and suggests that governments or police around the world can easily go shopping for tools to capture whatever information they want from us.

The take-home for ordinary computer users is that the privacy and security safeguards they use—including passwords and even encryption tools—present only minor obstacles to what one researcher calls the “cyber security industrial complex.”

“There is no true privacy in any computing systems against determined government-level surveillance,” says Radu Sion, a computer scientist at Stony Brook University who directs its Network Security and Applied Cryptography Laboratory. He says that as computing systems become more complex, and reliant on components from many different suppliers, the number of vulnerabilities that can be exploited by attackers and surveillance tools will grow.

more

 

, , , , ,

No Comments

Zeus Trojan Targets Government and Military Workers

From: Angela Moscaritolo

A new campaign of the password-stealing Zeus trojan is targeting workers from government and military departments in the United States and United Kingdom, according to security researchers at Websense. The trojan is being distributed through spoofed emails claiming to come from the U.S. National Intelligence Council. The bogus messages contain subject lines such as “Report of the National Intelligence Council.” The emails aim to lure users into downloading a document about the “2020 project,” which actually is Zeus. — AM

, , , , ,

No Comments