LastPass has notified its users that it experienced some “suspicious behavior” on their servers and they believe that “email addresses, password reminders, server per user salts, and authentication hashes were compromised”. They also made clear that “we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed”.
For over two decades, the prevailing utility for sending and receiving encrypted files was PGP (Pretty Good Privacy) – including the popular free and open-source implementation GNU Privacy Guard (GPG). In order to use PGP, you needed to use a software tool to create at least one pair of encryption keys: one public (which you
Here are some top stories from the last month: The FREAK bug. You can read the in-depth info here, but the gist of this is that a “man in the middle” could force an encrypted HTTPS web connection to use really old and really weak encryption, thus allowing someone (probably the man in the middle)
It’s been almost two years now and the bombshells from the Snowden leaks are still falling. If we didn’t believe it before, we must all now acknowledge that we simply cannot trust that our regular mobile communications are secure – that includes phone calls as well as text messaging. While I believe in my heart
It’s been quite an active few weeks in the realm of security and privacy. Here are the top stories and what they mean for you. I’m trying to keep these short and sweet, and then point you to other sources for more information. IRS phone scams. It’s tax time, and the bad guys are out
While I try to send out timely notes via Twitter for security issues, I’m going to also try to periodically summarize recent news items with a blog post. This is the first such posting. Let’s get to it… If you haven’t updated your Adobe Flash player, you should do it right away. Adobe has patched
