Whether or not password managers are a good idea is up for debate. I understand the concerns about storing all of your login credentials in a single place -- in the cloud no less. With that said, the benefits outweigh the negatives. Look, it is impossible to remember a unique password for countless web sites nowadays. One alternative to a password manager is reusing the same password on numerous sites, and that is foolish behavior. Right now, a solution like LastPass or 1Password is the best we have, and I suggest it wholeheartedly.

LastPass in particular is great, as it is free to use and is cross-platform. It even works on Linux desktop operating systems such as Ubuntu, Fedora, and Chrome OS. For a single dollar every month, you can opt for a premium account that supports the developer and gives you a few exclusive features. Well, guess what? LastPass is doubling the monthly fee for the Premium tier from one dollar to two. Yes, rather than $12 a year, it is now $24. Still extremely inexpensive, right? No one would complain about that, right? Wrong. Many LastPass users are stupidly complaining.

Continue reading →

LogMeIn has revealed a major new deal which it says will help its services become smarter and more personalized than ever.

The privacy firm has announced that it will acquire the digital self-service, chatbot and virtual assistant company Nanorep to provide more personalized experiences for its customers.

Continue reading →

A new survey of IT and security professionals reveals that many teams lack the appropriate endpoint detection and response tools to quickly and efficiently deal with security alerts without the need to take endpoints offline to re-image them.

The survey of 385 North American professionals by forensic security specialist Guidance Software reveals that 95 percent of respondents say advanced software functionality for malware removal and system recovery -- without the need to re-image a system -- is important in an endpoint security suite.

Continue reading →

As the overall percentage of encrypted traffic increases, hackers are increasingly using SSL to conceal device infections, and hide their other activities.

A new study from Zscaler finds that an average of 60 percent of the transactions in the Zscaler security cloud have been delivered over SSL/TLS.

Continue reading →

The latest DDoS intelligence report from Kaspersky Lab shows that long-lasting attacks are making a comeback.

The longest attack in the second quarter of this year was active for 277 hours (more than 11 days) -- which is a 131 percent increase compared to the first quarter and a current record for the year.

Continue reading →

Millions of smartphones around the world could have been affected by a Wi-Fi security flaw, security researchers have claimed.

Broadcom's mobile Wi-Fi chips hid a vulnerability on them which could have allowed malicious actors to potentially attack a billion Android or iOS devices.

Continue reading →

Amber Rudd, the UK Home Secretary, has claimed that "real people often prefer ease of use and a multitude of features to perfect, unbreakable security." Rudd holds the Conservative government's belief that it should be able to access encrypted messages, even when end-to-end encryption is used, such as with WhatsApp.

Using terrorism as a justification for wanting to gain access to encrypted messages, she goes on make extraordinary and misguided claims about what she and the government want. Her bizarre and misinformed rant in the Daily Telegraph is deeply concerning, not only because of the implications her suggestions have on privacy, but also the lack of technical knowledge she demonstrates while making her claims and demands.

Continue reading →

The second quarter of this year has seen two of the largest recorded cyber attacks in WannaCry and NotPetya, and the latest quarterly report from Panda Security reveals there's been an increase in unknown threats too.

PandaLabs analyzed attack data collected from all devices protected by one of Panda Security's solutions and discovered a 40 percent increase in attacks from unknown threats from the previous quarter.

Continue reading →

Small and medium sized businesses increasingly feel that they're vulnerable to cyber threats but most aren't prepared to meet them.

A new survey from endpoint security specialist Webroot finds that 96 percent of businesses with 100 to 499 employees in the US, UK and Australia believe their organizations will be susceptible to external cybersecurity threats in 2017. But although they recognize the threats, 71 percent admit to not being ready to address them.

Continue reading →

As we acquire more voice activated smart devices, there's always the risk that they could be eavesdropping on day-to-day conversations.

We've already seen reports of spying TVs, and now MWR InfoSecurity has exposed a vulnerability in Amazon Echo that can turn it into a listening device without affecting its functionality.

Continue reading →

Ransomware is often considered a somewhat low-stakes annoyance: in most cases, the data itself doesn’t leave the network and public operations aren’t compromised. NotPetya changed the game -- it’s shown us the potential of how wildly damaging ransomware infections can be from here on out. It can feel like science fiction at times, but is now utterly reasonable to consider any data or device with a CPU and memory on your network as something that can be held hostage by ransomware.

Ransomware has proven to be a lucrative endeavor: more and more central and important systems are being targeted. Cryptolocker targeted family photos. Later variants somewhat indiscriminately encrypted any user file they had access to -- and last month, we saw NotPetya locking out machines entirely.

Continue reading →

A distributed denial of service or DDoS is a method used to deny access for legitimate users of an online service. This service could be an e-commerce website, a bank, a SaaS application, or any other type of network service. Some attacks even target VoIP infrastructure.

DDoS attacks are becoming threatening to every type of business. Whether, ecommerce or other online business, none of the firms are safe these days. The situation turned grave especially since 2010 onwards. Hundreds of businesses, both small and large, have lost millions of dollars because of the DDoS attacks.

Continue reading →

HBO is the latest company to suffer a hack and subsequent leak of shows. Hackers are said to have breached the network's security and gained access to 1.5TB of data including Game of Thrones scripts and unaired episodes of shows.

Episodes of Ballers and Room 104 have been leaked online, but it is the release of what appears to the script to next week's Game of Thrones that's drawing the most attention.

Continue reading →

Buying a house is the biggest purchase most people make, with large amounts of money involved it’s not surprising that these transactions are attractive to cyber criminals.

Security specialist Barracuda Networks has released an analysis of a recent mortgage spear phishing attempt where an attacker attempted to divert a payment.

Continue reading →

It's hard -- for me at least -- to get too excited about hard drives. They get bigger, they get faster, and that's about it. But the iStorage diskAshur2 is a little different. This is a 1TB USB 3.1 external hard drive with a twist.

It offers hardware-level AES-XTS 256-bit encryption -- so no software is needed -- secured with PIN authentication. As you can see from the photo, there's a PIN pad built into the drive for easy locking and unlocking, and it's compatible with Windows, macOS and Linux ("it will work on any device with a USB port!"). We've already look at the diskAshur Pro 2, but this diskAshur2 drive is nearly 20 percent cheaper.

Continue reading →