Security News

Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets
2023-07-03 09:38

In yet another sign of a lucrative crimeware-as-a-service ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that's actively being developed by its author to evade detection by software solutions. "The Meduza Stealer has a singular objective: comprehensive data theft," Uptycs said in a new report.

Proton launches open-source password manager with some limitations
2023-06-29 14:56

Proton AG has announced the global availability of Proton Pass, an open-source and free-to-use password manager available as a browser extension or mobile app on Android and iOS.manager. Proton has been offering various privacy-focused products and services for some time, including the end-to-end encrypted Proton Mail email service, the Proton VPN service, and the Proton Drive cloud storage service.

Google Chrome password manager gets new safeguards for your credentials
2023-06-08 16:00

Google Chrome is getting new security-enhancing features for the built-in Password Manager, making it easier for users to manage their passwords and stay safe from account hijacking attacks. The Chrome Password Manager is an integrated part of Google's services that can manage and autofill credentials on the Chrome browser and other Google software products, syncing the login information across all apps used by the same Google Account.

ViperSoftX info-stealing malware now targets password managers
2023-04-28 17:37

A new version of the ViperSoftX information-stealing malware has been discovered with a broader range of targets, including targeting the KeePass and 1Password password managers. The report comes from researchers at Trend Micro, who state that ViperSoftX now targets more cryptocurrency wallets than before, can infect different browsers besides Chrome, and is also starting to target password managers.

Passbolt: Open-source password manager for security-conscious organizations
2023-04-03 04:52

In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager guarantees the utmost level of security for businesses, highlights its features in the competitive landscape, sheds light on how Passbolt meets the distinct requirements of teams and organizations, and more. Passbolt is developed using proven security standards like OpenPGP and complies with security auditing standards such as SOC2 Type II. All of our security practices meet or exceed industry standards.

My Password Manager was Hacked! How to Prevent a Catastrophe
2023-02-15 15:06

Protecting this account from phishing, or brute-force password attempts through a strong password policy, will keep a threat actor from accessing your company's password vaults. NIST recommends checking passwords against a breached password list.

Dashlane password manager open-sourced its Android and iOS apps
2023-02-05 17:17

Dashlane announced it had made the source code for its Android and iOS apps available on GitHub under the Creative Commons Attribution-NonCommercial 4.0 license. The popular subscription-based password manager and digital wallet have decided to release the code of its mobile apps to increase transparency in how they operate while also promoting a more collaborative and open development approach going forward.

NortonLifeLock warns that hackers breached Password Manager accounts
2023-01-13 16:47

Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. More specifically, the notice explains that around December 1, 2022, an attacker used username and password pairs they bought from the dark web to attempt to log in to Norton customer accounts.

How to deploy a self-hosted instance of the Passbolt password manager
2022-12-28 17:23

Passbolt is a password manager you can use for team collaboration, and it offers plenty of the features you've grown accustomed to having at your fingertips, such as a random password generator, team collaboration, folders, tags and user access control. This password manager is designed specifically for Agile and DevOps teams, and it's application programming interface-centric and developer-first.

Critical Security Flaw Reported in Passwordstate Enterprise Password Manager
2022-12-22 12:02

Multiple high-severity vulnerabilities have been disclosed in Passwordstate password management solution that could be exploited by an unauthenticated remote adversary to obtain a user's plaintext passwords. "Successful exploitation allows an unauthenticated attacker to exfiltrate passwords from an instance, overwrite all stored passwords within the database, or elevate their privileges within the application," Swiss cybersecurity firm modzero AG said in a report published this week.