#Information Security


LastPass user information exposed in data breach

What just happened? LastPass, the popular password manager that boasts over 33 million customers and 100,000 business users, has been hacked, again. The company says that, unlike the last time, user data was exposed in this latest incident, but the company stresses that passwords were not compromised. LastPass CEO Karim...
Picture for LastPass user information exposed in data breach

The Most Used Passwords in America and How Long They Take to Crack

Harvard University’s Information Security group says a good password for an online account has at least 10 characters with a combination of English uppercase and lowercase letters and numbers and symbols, like # or %. The group suggests starting with a word you can remember and then modify it to meet these requirements. For example, […]
Picture for The Most Used Passwords in America and How Long They Take to Crack

LastPass Reports Another Security Breach, Perps Leveraged Info Stolen Previously

LastPass has posted a notice that it has experienced another data breach – with the perpetrators apparently utilizing information stolen before. LastPass is best known for its GoTo products enabling virtual operating environments. LastPass stated:. “We recently detected unusual activity within a third-party cloud storage service, which is currently...
Picture for LastPass Reports Another Security Breach, Perps Leveraged Info Stolen Previously

LastPass security breach did allow access to customer data after all, reveals company

The LastPass security breach that occurred back in August did allow attackers to access customer data, says the company. It had previously said that no customer data was compromised. LastPass owner LogMeIn stresses that customer passwords have not been compromised, as the company uses end-to-end encryption so that only the...

Aussie Deals: Gifts for Security Conscious Gamers

Life isn't always easy. Whether you're navigating online realms or IRL, you should know that pitfalls can and do pop up. All that being said and as much as we'd all love to be living in a scumbag-free utopia, protective measures are required. Quite a few of them, in fact. A wise traveller will cover themselves for financial protection, physical security, PC file health and even an invisibility cloak to thwart the prying eyes of Big Brother.
Digital Trends

Hackers just stole LastPass data, but your passwords are safe

The developers behind password management software LastPass have just shared some concerning news: Bad actors were recently able to access “elements of our customers’ information” in a recent security breach. It’s the second time in just a couple of months that LastPass has suffered a security incident,...
AOL Corp

South Dakota bans TikTok from government-owned devices

Kristi Noem, the governor of South Dakota, has signed an executive order prohibiting government employees, agencies and contractors from downloading and using TikTok on state-owned devices. In her office's announcement, Noem said she issued the order due to growing security concerns that the Chinese Communist Party (CCP) has been using the social media app to gather information from American users and leveraging it to manipulate them. The order is already in effect and also prohibits government personnel from visiting the TikTok website on browsers.

LastPass Just Had (Another) Security Breach

The LastPass password manager suffered a security breach back in August, resulting in source code and other proprietary information being stolen, but no account information. Now it has suffered another breach, and this time, some user data was stolen. LastPass announced the new security problem in a blog post, saying...

Security breach exposes LastPass user data

Unauthorized users gained access to user data by breaching a third-party cloud service used by LastPass. The breach is related to an August, 2022, incident where hackers stole code and gained access to LastPass' systems.

Kaspersky Security Bulletin 2022. Statistics

All statistics in this report are from the global cloud service Kaspersky Security Network (KSN), which receives information from components in our security solutions. The data was obtained from users who had given their consent to it being sent to KSN. Millions of Kaspersky users around the globe assist us in collecting information about malicious activity. The statistics in this report cover the period from November 2021 to October 2022, inclusive.

LastPass Breached Again – The Second Time in 2022

Password-management firm LastPass has suffered a second security incident this year. In August, Hackread reported an intrusion into the company’s development environment due to a compromised developer account. This time, the company’s affiliate GoTo has become a victim of a breach in which unidentified attackers targeted their shared cloud-storage...

The Rise Of Crypto Hackers And The Best Ways To Steer Clear Of Them

Crypto hacking is a growing problem in the cryptocurrency industry. With the rise of digital currencies and the rise in the value of some of these currencies, hackers are finding new ways to target users and take advantage of their vulnerabilities. What is crypto hacking?. Crypto hacking is a form...

GraphQL Vulnerability Analysis: The Top Threats

Publicly available vulnerability data can be a goldmine for insights into how DevOps and DevSecOps teams can prioritize threats and improve security across the pipeline. With this in mind, Inigo recently performed a deep-dive analysis of known vulnerabilities affecting GraphQL components—including GraphQL clients such as Relay and GraphQL servers such as Apollo, Graphene, Ariadne, GitLab Enterprise, Magento and others. Our main data sources for this investigation were the MITRE CVE database and the HackerOne Hacktivity portal.

Windows spyware steals data from your phone too

Information security usually focuses on a single device, at least as far as consumers are concerned. But in an increasingly connected world, it might be worth re-examining that approach. Case in point: a newly discovered piece of malware in use by state-sponsored hacking groups. Private security company ESET found that the tool, once established on a Windows PC, will search the storage of any phone connected for even more information to steal.

North Korean Spies ‘ScarCruft’ Exploit Dolphin Backdoor to Launch Attacks

ESET researchers have found the use of a Dolphin backdoor by ScarCruft group to launch a cyberattack on specific targets. As per reports, the hacker collective looks for compromised systems on Google Drive and accesses files it desires. This backdoor was also used in a watering hole attack on a South Korean digital newspaper in 2021.

CIS Benchmarks: 3 Critical Things To Know For Compliance

Information security is all about maintaining certain standards and benchmarks. Of those standards, the CIS Benchmarks are one of the most common. When you navigate to the CIS Benchmarks website, you may find yourself quickly overwhelmed as you may not be sure where to begin with system hardening. The site lists over a hundred standards associated with dozens of vendors. If you are unfamiliar with the standards, attempting to navigate through the site cold can make your head spin. If you have ever had trouble identifying or keeping track of the CIS Benchmarks relevant to your organization, tools, and industry, you have come to the right post.

LastPass Security Breach Worse Than Initially Reported

Back in August, password management company LastPass announced that it was the victim of a security breach where hackers got away with source code and other technical information. At the time, the company assured the public that no customer data had been compromised. Now, it’s changing its story. In...