Password Management Archives - Cyber Security Minute

Hacked home computer of engineer led to second LastPass data breach

Issued by: CSO Online

Password management company LastPass, which was hit by two data breaches last year, has revealed that data exfiltrated during the first intrusion, discovered in August, was used to target the personal home computer of one of its devops engineers and launch a second successful cyberatttack, detected in November. The threat actor involved in the breaches…

Application Security

LastPass revealed that encrypted password vaults were stolen

Issued by: Security Affairs

In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical information. In response to the incident, the company deployed containment and mitigation measures and implemented additional enhanced…

Application Security, Network Security

Keeper Security Acquires Glyptodon

Issued by: Dark Reading

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software covering password management, dark web monitoring, digital file storage and messaging, today announced the acquisition of Glyptodon, the creator of Glyptodon Enterprise, a remote access gateway which provides DevOps and IT teams with effortless access to RDP, SSH, VNC and Kubernetes endpoints through a…

Malware & Threats

Port of Houston Target of Suspected Nation-State Hack

Issued by: Security Week

The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement Thursday saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.” Cybersecurity and Infrastructure Security Agency Director Jen Easterly initially disclosed that the port was the target of an attack…

Software Security

Review: Specops Password Policy

Issued by: Help Net Security

Specops Password Policy is a powerful tool for overcoming the limitations of the default password policies present in Microsoft Active Directory environments. To be fair, Microsoft did revise and upgrade the default password policy and introduced additional, granular fine-tuning options over the years, but for some enterprise environments that’s still not enough, so Specops Password…

Network Security

Is passwordless authentication actually the future?

Issued by: Help Net Security

While passwords may not be going away completely, 92 percent of respondents believe passwordless authentication is the future of their organization, according to a LastPass survey. Passwordless authentication reduces password related risks by enabling users to login to devices and applications without the need to type in a password. Technologies such as biometric authentication, single-sign-on…

Malware & Threats

Ransom from Home – How to close the cyber front door to remote working ransomware attacks

Issued by: Trend Micro Blog

Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because…

Network Security, Vulnerabilities

Users still engaging in risky password, authentication practices

Issued by: Help Net Security

IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, according to Yubico and Ponemon Institute. The conclusion is that IT security practitioners and individuals are both engaging in risky password and authentication practices, yet expectation…

Network Security

78% of people forgot a password in the past 90 days

Issued by: Help Net Security

Passwords are the dominant way online services manage access to our personal and work-related lives. But often times, they’re more of a headache than a security tool. HYPR released the findings of a two and a half year Password Usage Study, which compiled data from over 500 full-time workers across the United States and Canada…

Vulnerabilities

The Inconvenient Truth About Your Eight-Character Password

Issued by: Security Intelligence

October is National Cyber Security Awareness Month (NCSAM), which means it’s time to talk about passwords for the umpteenth time. Why beat this dead horse again? Because just about everyone still uses passwords, and even the most recent password security recommendations do not make them any stronger. This year, the recommendation was eight characters —…