LastPass security update fixes credential leak bug
LastPass released a new security update that fixes a vulnerability that exposes credentials from a previously visited website. The new version 4.33.0 was released on September 12.
Slack resets passwords exposed in 2015 breach
Slack has reset passwords for close to 1% of overall Slack accounts in response to new information learned from 2015 security breach.
Facebook says Millions of Instagram passwords stored in clear text
Facebook provided an update to a previously disclosed incident involving insecurely storing "tens of thousands" of Instagram users' passwords on internal servers in clear text. Facebook now says that "millions" of Instagram accounts are now impacted.
Password Checkup helps protect accounts from data breaches
Google has released a new Chrome extension "Password Checkup" that warns users if their account username and passwords are known to be unsafe and leaked as part of past data breaches.
WordPress plugin maker WPML website hacked
Popular WordPress plugin maker WPML said their website was hacked over the weekend and led to the loss of customer data. The culprit was an ex-employee who exploited a backdoor planted on an unsecured web server.
Gentoo reveals hacking root cause of its GitHub repository
Gentoo provided a new security update that describes the impact and root cause of its recent GitHub Linux distribution repository hacking incident.
Twitter urges users to reset passwords
Twitter urged users on Thursday to reset their passwords after the company discovered a critical flaw in how passwords were stored unmasked in internal logs.
“Password spraying” attacks
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are releasing a warning related to brute force attacks.
GoScanSSH malware targets default and weak passwords
Talos security researchers have spotted a new family of malware dubbed "GoScanSSH" that compromises internet-facing SSH servers. The malware targets default and weak passwords via a brute force attack on SSH systems that allow password-based SSH authentication.
Keeper password manager vulnerability
Google Project Zero researcher Tavis Ormandy discovered a password manager dubbed "Keeper" that comes pre-installed by default with a vulnerability in new Windows 10 Anniversary Update (Version 1607).
- 1
- 2