passwords

Dangerous features are creeping into legitimate Chrome extensions. How to keep your organization safe?

How to avoid giving away your password to scammers when logging in to third-party sites or viewing “encrypted” or “confidential” documents.

Mistakes to learn from in 2024 – and resolutions for a safer 2025.

Scammers have invented a new trick — they post cryptowallet seed phrases in YouTube comments using newly created accounts. Here’s how it works

How a simple, well-known general threat became a key targeted-attack vector on companies.

We discuss the recently discovered Nearest Neighbor attack method, which enables attackers to compromise a Wi-Fi network from the other side of the world.

We’ve updated the design of our password manager’s mobile version. Storing and managing passwords is now even more convenient.

Five dead simple tips to greatly improve your defenses against cybercriminals.

Discontinuing mandatory password rotations, banning outdated MFA methods, and other updates in the NIST SP 800-63 standards for digital account authentication and management.

Recent research describes a method for snooping on what Apple Vision Pro users enter on the virtual keyboard.

Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.

Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?

“Gentle grafters” are attacking dishonest crypto users by imitating wallet leaks and manipulating their victims for months.

Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.

A new phishing technique uses progressive web apps (PWAs) to mimic browser windows with convincing web addresses to steal passwords.

Almost six out of ten passwords can be cracked in less than an hour using either a modern graphics card or cloud services. All it costs is a few dollars and some free time. How this is possible and what to do about it is the topic of our study.

Cybercriminals are using genuine Facebook infrastructure to send phishing emails threatening to block accounts.

Google has unveiled new privacy and security features coming to Android 15. We take a look at the innovations in the upcoming operating system update.

A credential stuffing attack is one of the most effective ways to take control of accounts. Here’s how it works and what you should do to protect your company.

Dropbox has shared a report on a data breach in the Dropbox Sign e-signature service. What does this mean for users, and what should they do?

On World Password Day, we explain how we protect your sensitive data, and share tips for creating truly strong passwords.