Skip navigation
Help

Keystroke logging

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.
Original author: 
Jon Brodkin

Aurich Lawson / Thinkstock

It's time to ask yourself an uncomfortable question: how many of your passwords are so absurdly weak that they might as well provide no security at all? Those of you using "123456," "abc123," or even just "password" might already know it's time to make some changes. And using pets' names, birth dates, your favorite sports teams, or adding a number or capital letter to a weak password isn't going to be enough.

Don’t worry, we're here to help. We’re going to focus on how to use a password manager, software that can help you go from passwords like "111111" to "6WKBTSkQq8Zn4PtAjmz7" without making you want to pull out all your hair. For good measure, we'll talk about how creating fictitious answers to password reset questions (e.g. mother's maiden name) can make you even more resistant to hacking.

Why you can’t just wing it anymore

A password manager helps you create long, complicated passwords for websites and integrates into your browser, automatically filling in your usernames and passwords. Instead of typing a different password into each site you visit, you only have to remember one master password.

Read 83 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher


The MT.Gox lookalike site that delivered malware to unwitting Bitcoiners.

In another example of the security mantra of "be careful what you click," at least one Bitcoin trader has been robbed in a forum "phishing" attack designed specifically to ride the hype around the digital currency. The attack attempts to use Java exploits or fake Adobe updates to install malware, and it's one of the first targeted attacks aimed at the burgeoning business of Bitcoin exchanges.

The bait for the attack was a post to a Bitcoin traders' forum announcing that MT.Gox was going to start handling exchanges of Litecoins, a Bitcoin alternative. The post advertised a live chat on the topic at a link provided to mtgox-chat.info. That site, which used stolen code and style to masquerade as the legitimate MT.Gox site, then prompted victims to update their Java plugin and offered a forged Adobe updater.

The scam was first reported on reddit earlier this week, when a redditor reported spotting the fake site and its attempt to drop malware. While the attack was originally described by one of its victims as a "Java zero-day" exploit, it actually uses either a Java exploit or a fake Adobe updater to deliver its malware payload. That payload is DarkComet, a fairly common "remote administration tool" and keylogger. The attackers not only stole credentials for the victim's MT.Gox account, but they took other passwords as well.

Read 8 remaining paragraphs | Comments

0
Your rating: None

New submitter Golgafrinchan passes along this quote from an article at Wired:
"A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over Afghanistan and other warzones. The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech's computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military's most important weapons system.'"

Read more of this story at Slashdot.

0
Your rating: None