“FREAK” Exploit Puts Hundreds of Millions of People at Risk

by , on

Yesterday, cryptographers discovered a security flaw dating back to the 90’s, that affects OS X, iOS, and Android users on over 64,000 websites.  The FREAK exploit allows hackers to force a lower-grade of encryption, so that affected sites (with your personal information) can be cracked within a few hours.

Visit freakattack.com for more info, or click here to see the list of affected sites.

Keeper is not vulnerable to the RSA FREAK vulnerability.

Mobile World Congress 2015 Highlights: Day 2

by , on

Here are our top 5 developments from Day 2 at MWC 2015:

  • Fujitsu showed off a prototype smartphone that uses an infrared camera to scan your irises for your password
  • Qualcomm announced ultrasonic 3D fingerprint authentication
  • Intel revealed three new mobile chips, the Atom x3, x5, and x7
  • BlackBerry showed their new Leap smartphone, a $275 device that claims to have a battery that lasts 25 hours with heavy use
  • Silent Circle announced their second-edition Blackphone secure smartphone.

 

Check back tomorrow for Day 3 updates!

Mobile World Congress 2015 Highlights: Day 1

by , on

Our team has made it safely on the ground in Barcelona to discover and share the latest technology in the mobile industry.

 

Here are the top #MWC15 day 1 highlights:

  • Huawei announced its Android Wear-powered device, the Huawei Watch.  It will have a sapphire glass screen, 6-axis motion sensor and a heart rate monitor
  • Mozilla will be launching new Firefox OS phones, planned to launch in 2016
  • The HTC One M9 was announced – it will come with a higher quality camera that allows better-quality selfies even when taken indoors
  • Samsung revealed the Galaxy S6 and Galaxy S6 Edge, as well as “Samsung Pay”

 

Check back tomorrow for Day 2 highlights!

Uber Hacked, Takes GitHub to Court to Find Hackers

by , on

Uber is now revealing that their database of over 50,000 drivers was hacked back in May, and they have subpoenaed GitHub to hand over IP addresses of the suspects.

The lawsuit reads, “On or around May 12, 2014, from an IP address not associated with an Uber employee and otherwise unknown to Uber, John Doe used the unique security key to download Uber database files containing confidential and proprietary information from Uber’s protected computers.”

Read more here.

Lenovo’s Website Appears to Have Been Hacked by Lizard Squad

by , on

Lenovo’s website was hacked yesterday.

Just a week after it was announced that Lenovo was installing “Superfish” adware on its factory-fresh laptops, the Lizard Squad has hacked the Lenovo.com website and turned it into a slideshow of webcam images set to pop music.  This is the same group that took down the Playstation Network and Xbox Live on Christmas Day, and also took down Google Vietnam earlier this week.

Read the rest of the story on Mashable.

Anthem Says Up To 18.8 Million Non-Customers Could Also Have Been Hacked

by , on

Anthem is now estimating that between 8.8 and 18.8 million non-customers could also be victims in the data breach where hackers stole records with sensitive information.  Independent Blue Cross Blue Shield customers are the ones who are potentially affected.  Since Anthem is part of their network, Anthem holds all of their customer records in the database that was hacked.

This brings the updated number of stolen database records in the Anthem hack to 78.8 million customers.

Read the rest of the story on Reuters here.

LinkedIn Settles Lawsuit for $1.25 million over Weak Passwords

by , on

Back in June of 2012, 6.5 million LinkedIn passwords were exposed on a Russian hacking site, and now LinkedIn is paying the price.  Customers made the case in court that LinkedIn had deceived them about the level of internet security that was being used to protect their passwords.  Up to 800,000 American users will be eligible to make a claim.

Read more here: http://bits.blogs.nytimes.com/2015/02/23/linkedin-settles-class-action-suit-over-weak-password-security/

Remember to use Keeper to keep all of your passwords and files safe – it’s free.  Try it here.

Lenovo Installing “Superfish” Adware on New Laptops

by , on

Lenovo is pre-installing adware, called SuperFish, to factory-fresh laptops that hijacks search results on all browsers and has the ability to steal private data including passwords.   The adware injects third-party ads into Google searches and into websites without the user’s permission.   If you own a Lenovo laptop, you can go here to see if you are infected.

Read more about Superfish here on Gizmodo.

3 Secrets for Staying Safe Online in 2015

by , on

2014 is known as the “year of data breaches.” Last year cyber attacks became front page news week after week. It’s unfortunate, but 3 in 4 Americans have fallen or will fall victim to hacking. So, what can we do to stop hackers? Quite simply, the biggest security vulnerability that exists is: the password.

More than a decade ago, Bill Gates predicted the death of the password. Reality: passwords are still the most common authentication method. And, in today’s world, we all must get smarter about password management and more importantly be proactive when it comes to cybersecurity.

Don’t fall victim to the old way of doing things, hackers are getting more sophisticated and the world is not keeping up. Following are some tips and advice to help you stay cyber-safe in 2015.

  • Utilize a Password Manager. We all have many different logins and passwords to keep track of. Often people don’t want to remember or simply can’t remember multiple, strong passwords – and, you should never use a password on more than one site. Additionally, passwords should never be in plain text, saved or sent in an email, word document, excel spreadsheets, sticky notes, etc. Passwords should always be at least six characters in length and consist of letters, numbers and symbols. The easiest and most secure way to remember passwords is by utilizing a password manager. Today, the average Keeper user has approximately 90 different passwords in their vaults.
  • Change passwords often. We know, we know. You’ve heard it before. But this simple practice is one of the best ways to protect your accounts from hacking, and yet few people actually take the time and effort to update their passwords on a regular basis. Keeper’s automatic, high-strength password generator makes it quick and easy to change your passwords regularly.
  • Enable two-factor authentication. Two-factor authentication adds an extra step to your log-in process to ensure the person accessing your records is in fact you. Gmail for example allows the user to implement two-factor authentication to access their account. How it works through Keeper – if you enable the two-factor authentication capability in your Keeper vault, Keeper will either send you a text or call you with a one time code that you will be prompted to enter prior to being able to login to any of your accounts. Or, Keeper allows users to choose a Google Authenticator QR Code. Ultimately, this is a great way to add an extra security layer to your online accounts.

Conclusion: Putting online security first will ensure a safe and secure 2015. Make the decision to truly protect your sensitive information and invest in long term security. Check out  Keeper.

Top Cyber Attacks of 2014 – What We Have Learned

by , on

It’s been quite a year in cybersecurity. 2014 saw many high-profile hacks, leaks and breaches. The most recent attack on Sony was among a handful of massive data breaches this year including those against eBay, Home Depot and JPMorgan Chase.

Ultimately, what we have learned is that cybersecurity is not an option. It is essential – for both individuals and businesses. Cybersecurity must be a top IT priority in every business. These cyber attacks have affected millions of consumers – their passwords and personal information were stolen – and, this has become front-page news in the process.

It’s important to be aware of the cybersecurity climate we all live in and to be educated. When it comes to what we have learned over this last year; data breaches are on an exponential rise. But, individuals and companies can make changes. Protect your employees, your brand, reputation and lastly, your bottom line. Paying for security is a small fraction of the value it creates and saves you – it’s well worth it.

At Keeper, we believe every piece of confidential information inside a company should be encrypted and stored in a military-grade vault. Everyone deserves to have a “Fort Knox.” And, right now, the company that isn’t prepared has to be reactive and that’s a very painful situation to be in.

Companies have a fiduciary duty to their employees to be proactive with cybersecurity in protecting their private information. It’s a good time for all companies to review their security measures, policies and internal controls. Change your passwords and make them strong – use letters, numbers and symbols. Don’t save plain-text files in an unencrypted and unsecure system. Check employee log files, engage in threat detection and use a password manager and digital vault like Keeper. Once a company’s employees start using Keeper – they love it.  It’s amazing how easy and secure it is – think of Keeper as hardcore hacker repellant on steroids.

As the year comes to an end, we reflect back on what we’ve seen and what we’ve learned. It’s painful to keep reading about these breaches in the news. We have learned a great deal from these hacks but most importantly, we find peace in knowing that we can help – in a huge way.