SecHub

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations (threatpost.com)

1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory.

Sophisticated phishing: a roundup of noteworthy campaigns (malwarebytes.com)

A phishing page that hides behind a translation service. A kit that uses fake font files. A hyper-realistic campaign that could likely fool even the pros. We look at these noteworthy phishing attempts and more to show how far phishers have evolved, and remind users to remain vigilant against this threat.

GitHub Increases Rewards, Scope For Bug-Bounty Program (threatpost.com)

GitHub is offering unlimited rewards for critical vulnerabilities - and has added "safe harbor" terms to its bug bounty program.

Microsoft Edge lets Facebook run Flash code behind users' backs (zdnet.com)

Google security researcher finds secret whitelist that lets Facebook run Flash content despite Edge's normal security policies.

Microsoft: Russia’s Fancy Bear Working to Influence EU Elections (threatpost.com)

As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts.

Good bots, bad bots: friend or foe? (malwarebytes.com)

Bots are an endless source of debate online, but all we ever hear about are the bad ones. In this post, we look at some examples you've probably already run into, and explain why one person's good bot is another organization's bad one.

WinRAR versions released in the last 19 years impacted by severe security flaw (zdnet.com)

Over 500 million WinRAR users at risk. Users advised to update WinRAR as soon as possible.

9 Years After: From Operation Aurora to Zero Trust (darkreading.com)

How the first documented nation-state cyberattack is changing security today.

Details on Recent DNS Hijacking (schneier.com)

At the end of January, the US Department of Homeland Security issued a warning regarding serious DNS hijacking attempts against US government domains. Brian Krebs wrote an excellent article detailing the attacks and their implications. Strongly recommended....

Ep. 020 – Leaky containers, careless coders and risky USB cables [PODCAST] (nakedsecurity.sophos.com)

Here's the latest Naked Security podcast... enjoy!