home.social

#dashlane — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #dashlane, aggregated by home.social.

  1. [en] Serious security vulnerabilities in cloud-based password managers : #Bitwarden, #Lastpass, #Dashlane

    The research team of Prof. Paterson found cryptographic technologies from the 90s. "We were surprised by the severity of the security vulnerabilities".

    In most cases, the researchers were able to gain access to the passwords – and even make changes to them.

    ethz.ch/en/news-and-events/eth

    Aside from this research paper, recommended password managers often include #KeePassXC and/or #KeePassDX for Android or #KeePassium for iOS. Also, it's usually a good idea to store only accounts and passwords that are really necessary on the go, especially on mobile devices.

    #password #passwordmanager #cloudbased #security #ictsecurity #securityvulnerability #ethz

  2. [en] Serious security vulnerabilities in cloud-based password managers : #Bitwarden, #Lastpass, #Dashlane

    The research team of Prof. Paterson found cryptographic technologies from the 90s. "We were surprised by the severity of the security vulnerabilities".

    In most cases, the researchers were able to gain access to the passwords – and even make changes to them.

    ethz.ch/en/news-and-events/eth

    Aside from this research paper, recommended password managers often include #KeePassXC and/or #KeePassDX for Android or #KeePassium for iOS. Also, it's usually a good idea to store only accounts and passwords that are really necessary on the go, especially on mobile devices.

    #password #passwordmanager #cloudbased #security #ictsecurity #securityvulnerability #ethz

  3. [de] Cloudbasierte Passwortmanager mit gravierenden Sicherheitslücken: #Bitwarden, #Lastpass, #Dashlane

    Vernichtende Feststellung: "kryptographische Technologien aus den 90er-Jahren". Dem Team um Prof. Paterson war es offenbar recht einfach möglich, "Zugang zu den Passwörtern verschaffen – und diese sogar [zu] manipulieren".

    ethz.ch/de/news-und-veranstalt

    Ausserhalb dieses Berichts wird u. a. oft #KeePassXC und/oder #KeePassDX für Android oder #KeePassium für iOS empfohlen mit der zusätzlichen Empfehlung, gerade auf mobilen Geräten nur diejenigen Konti/Passwörter zu speichern, die unterwegs wirklich dabei sein müssen.

    #passwort #passwortmanager #cloudbasiert #sicherheit #ictsicherheit #sicherheitsluecken #ethz

  4. [de] Cloudbasierte Passwortmanager mit gravierenden Sicherheitslücken: #Bitwarden, #Lastpass, #Dashlane

    Vernichtende Feststellung: "kryptographische Technologien aus den 90er-Jahren". Dem Team um Prof. Paterson war es offenbar recht einfach möglich, "Zugang zu den Passwörtern verschaffen – und diese sogar [zu] manipulieren".

    ethz.ch/de/news-und-veranstalt

    Ausserhalb dieses Berichts wird u. a. oft #KeePassXC und/oder #KeePassDX für Android oder #KeePassium für iOS empfohlen mit der zusätzlichen Empfehlung, gerade auf mobilen Geräten nur diejenigen Konti/Passwörter zu speichern, die unterwegs wirklich dabei sein müssen.

    #passwort #passwortmanager #cloudbasiert #sicherheit #ictsicherheit #sicherheitsluecken #ethz

  5. @_DigitalWriter_ @chfkch @wrzlbrmpft Wenn wir von #E2E-Verschlüsselung sprechen, dann hat das nicht nur mit einer DB zu tun.

    E2E beginnt beim Client & endet beim Client. Das betrifft also alles(!) dazwischen: Übertragung, Verarbeitung, Speicherung, ...

    Insofern ein realistisches Angriffsszenario, gerade wenn es um Passwörter geht. Was ist denn noch sensibler als das?

    Wir kennen auch die diverse Gesetzgebung, wo Betreiber von (US-)Services gezwungen werden, gegen die Interessen der Kund:innen zu agieren:
    kuketz-blog.de/jenseits-der-gr

    Und dort werden dann die weltbesten staatlichen Hacker aktiv. Mit allen denkbaren technischen Mitteln.

    Insofern: wer tatsächlich #Passwörter in eine #Cloud schickt (IMO wegen der Alternativen eine unnötig dumme Idee aber OK), der soll dann auch von einer funktionierenden E2E-Verschlüsselung ausgehen dürfen.

    Alles andere ist sich ins die Tasche lügen. 🤷

    Ad Cloud: karl-voit.at/cloud/

    #Lastpass #1Pass #Bitwarden #Dashlane #Passwort #Passwortmanager

  6. This is a great paper on the risks of malicious servers when using password managers: zkae.io/. I understood about 2% of it.

    You have to dig down in the paper to see that there was pretty good engagement from the password manager developers, once contact was established. That's encouraging, particularly in the light of recent reputational damage suffered by LastPass, and doubts about its future under private equity ownership.

    #crypto #passwordmanager #lastpass #dashlane #bitwarden #1password

  7. This is, why I hate it when I am forced to "share" the keys to my castles via the cloud of password-managers like 1Password. Most local (WiFi) sync suck, or simply are dysfunctional (yes, 1Password, looking at you!). You have to trust them to encrypt the vaults adequately, which in three cases has ben shown not to be safe at all. ethz.ch/de/news-und-veranstalt #1password #enpass #Bitwarden #lastpass #dashlane #itsecurity #datasafety #passwordmanager #unsafe

  8. ETH-Forschende enthüllen gravierende Schwachstellen bei #Passwortmanager! 🚨

    Eine neue Studie aus der Schweiz zeigt, dass gängige Anbieter ihr Sicherheitsversprechen nicht halten. «Wir waren überrascht, wie gross die Sicherheitslücken sind», sagt ein Professor.

    Betroffen sind #Bitwarden, #Dashlane und #Lastpass. Mehr Infos:

    tagesanzeiger.ch/eth-zuerich-p

    #passwordsecurity #sicherheitslücke #dataprotection #datenschutz #cybersecurity

  9. ETH-Forschende enthüllen gravierende Schwachstellen bei #Passwortmanager! 🚨

    Eine neue Studie aus der Schweiz zeigt, dass gängige Anbieter ihr Sicherheitsversprechen nicht halten. «Wir waren überrascht, wie gross die Sicherheitslücken sind», sagt ein Professor.

    Betroffen sind #Bitwarden, #Dashlane und #Lastpass. Mehr Infos:

    tagesanzeiger.ch/eth-zuerich-p

    #passwordsecurity #sicherheitslücke #dataprotection #datenschutz #cybersecurity

  10. #Cloud-basierte #Passwortmanager bieten weniger Schutz als versprochen
    ethz.ch/de/news-und-veranstalt

    Forscher der ETH haben #Bitwarden, #Lastpass und #Dashlane jeweils etliche Angriffe demonstriert.

    "Wir waren überrascht, wie gross die Sicherheitslücken sind" 🤣

    Leute, bitte schenkt eure geheimsten Daten doch niemals einen Cloud-Service-Anbieter! Egal welchem.

    Lest karl-voit.at/2023/03/05/Passwo und entscheidet klug.

    #publicvoit #Sicherheit #Security #Passwort #Passwörter

  11. Schlimm genug, dass #Opera sehr kruzfristig Opera Beta/Next aufgibt. Überhaupt nicht gut läuft der Übergang von Opera Beta/Next zu Opera One.

    Synchronisierte Daten werden zwar übernommen, teilweise sogar Extensions [eine Minderheit!], doch das Speed Dial wird nicht automatisch eingespielt, Einstellungen müssen alle manuell neu vorgenommen werden, selbst erstellte Search Engines fehlen. #Dashlane - mglw. nur bedingt Operas Fehler - lässt keine beschränkt-dauerhafte Anmeldung mehr zu.

  12. Psstt... welke wachtwoordmanager gebruiken jullie? Hoe tevreden ben je daar over qua gebruiksgemak, support en tarief? En weet je waar je data wordt opgeslagen? En als je er geen gebruikt, waarom niet? #durftevragen #1password #dashlane #bitwarden #protonpass

  13. Weekly output: phone plans, Nvidia keynote, passkey adoption, Bending Spoons buys AOL, SpaceX simplifying Starship lander, Internet luminaries on the open Web

    This is not going to be a great week for normal sleep cycles: Tuesday, I will wake up at around 4 a.m. to spend a 15-plus hour shift working as an election officer for Arlington, and then Wednesday I’m off to Dulles Airport for this year’s final business trip across the Atlantic. I’m departing for Web Summit in Lisbon several days early because the organizers of another conference, the Mozilla Festival, offered a press pass and a travel stipend to cover that event in Barcelona. I’ve heard good things about this conference over the years, so accepting an invitation to spend a few days in one of my favorite cities in Europe was an easy call.

    In addition to what you see below, Patreon readers got a detailed recap of how this past week’s event-packed schedule left its own series of dents in my calendar.

    10/28/2025: The Best Cell Phone Plans, Wirecutter

    This was going to be a modest update to the guide that I’ve been maintaining since 2014, but T-Mobile jacking up prices while AT&T and Verizon inflicted more modest rate hikes led to us dethroning T-Mo on cost grounds and handing our “for most people” pick to AT&T, which has advanced its own 5G network considerably.

    10/28/2025: In DC, Nvidia CEO Touts New AI Partnerships, Goes a Little MAGA, PCMag

    Heading into Nvidia’s conference, I was worried that CEO Jensen Huang would go into the weeds about the finer points of GPU architecture. Instead, he used this nearly two-hour keynote to jump from topic to topic without getting into too much detail about any of them–and kept coming back to opportunities to praise President Trump.

    10/29/2025: Passkey Adoption Sees Striking Progress, With One Obvious Leader, PCMag

    I struggled to get this written at the end of a long workday, resulting in my getting some nuances wrong that required updating the post the next morning.

    11/1/2025: Serial Dot-Com Purchaser Bending Spoons to Buy AOL, But Why?, PCMag

    Writing about AOL in 2025 makes me feel so old, but as one of PCMag’s graybeards I had to cover the news of Bending Spoons buying the company that once ruled the online world. I got to this story a day after it broke, so I turned that lag into an opportunity to expand the piece with some quotes from a publicist for that Italian firm and from a podcast interview of its CEO Luca Ferrari last year

    11/1/2025: After Elon Tantrum, SpaceX Now Prepping ‘Simplified’ Starship-Based Lunar Lander, PCMag

    Since I wrote about Elon Musk’s childish reaction to NASA’s understandable concern over the pace of its Human Landing System work, I had to reach for a keyboard to cover SpaceX’s grown-up corporate response.

    11/1/2025: ‘The Truth Is Paywalled.’ Internet Vets Lament the State of the ‘Open’ Web, PCMag

    This Monday-evening panel was one of the first items on my calendar this week, but having event after event after event follow it led to me not writing it up until Thursday night. Once again, it was a serious treat to hear some of the Internet’s founding figures talk about the state of the thing they invented.

    #AmericaOnline #AOL #ArtemisIII #ATT #BendingSpoons #BrewsterKahle #CindyCohn #Dashlane #FoundationForAmericanInnovation #HumanLandingSystem #JensenHuang #Nvidia #NvidiaGTCDC #passkeyExport #passkeys #phonePlans #smartphonePlans #SpaceX #TMobile #unlimitedData #verizon #VintCerf

  14. Weekly output: phone plans, Nvidia keynote, passkey adoption, Bending Spoons buys AOL, SpaceX simplifying Starship lander, Internet luminaries on the open Web

    This is not going to be a great week for normal sleep cycles: Tuesday, I will wake up at around 4 a.m. to spend a 15-plus hour shift working as an election officer for Arlington, and then Wednesday I’m off to Dulles Airport for this year’s final business trip across the Atlantic. I’m departing for Web Summit in Lisbon several days early because the organizers of another conference, the Mozilla Festival, offered a press pass and a travel stipend to cover that event in Barcelona. I’ve heard good things about this conference over the years, so accepting an invitation to spend a few days in one of my favorite cities in Europe was an easy call.

    In addition to what you see below, Patreon readers got a detailed recap of how this past week’s event-packed schedule left its own series of dents in my calendar.

    10/28/2025: The Best Cell Phone Plans, Wirecutter

    This was going to be a modest update to the guide that I’ve been maintaining since 2014, but T-Mobile jacking up prices while AT&T and Verizon inflicted more modest rate hikes led to us dethroning T-Mo on cost grounds and handing our “for most people” pick to AT&T, which has advanced its own 5G network considerably.

    10/28/2025: In DC, Nvidia CEO Touts New AI Partnerships, Goes a Little MAGA, PCMag

    Heading into Nvidia’s conference, I was worried that CEO Jensen Huang would go into the weeds about the finer points of GPU architecture. Instead, he used this nearly two-hour keynote to jump from topic to topic without getting into too much detail about any of them–and kept coming back to opportunities to praise President Trump.

    10/29/2025: Passkey Adoption Sees Striking Progress, With One Obvious Leader, PCMag

    I struggled to get this written at the end of a long workday, resulting in my getting some nuances wrong that required updating the post the next morning.

    11/1/2025: Serial Dot-Com Purchaser Bending Spoons to Buy AOL, But Why?, PCMag

    Writing about AOL in 2025 makes me feel so old, but as one of PCMag’s graybeards I had to cover the news of Bending Spoons buying the company that once ruled the online world. I got to this story a day after it broke, so I turned that lag into an opportunity to expand the piece with some quotes from a publicist for that Italian firm and from a podcast interview of its CEO Luca Ferrari last year

    11/1/2025: After Elon Tantrum, SpaceX Now Prepping ‘Simplified’ Starship-Based Lunar Lander, PCMag

    Since I wrote about Elon Musk’s childish reaction to NASA’s understandable concern over the pace of its Human Landing System work, I had to reach for a keyboard to cover SpaceX’s grown-up corporate response.

    11/1/2025: ‘The Truth Is Paywalled.’ Internet Vets Lament the State of the ‘Open’ Web, PCMag

    This Monday-evening panel was one of the first items on my calendar this week, but having event after event after event follow it led to me not writing it up until Thursday night. Once again, it was a serious treat to hear some of the Internet’s founding figures talk about the state of the thing they invented.

    #AmericaOnline #AOL #ArtemisIII #ATT #BendingSpoons #BrewsterKahle #CindyCohn #Dashlane #FoundationForAmericanInnovation #HumanLandingSystem #JensenHuang #Nvidia #NvidiaGTCDC #passkeyExport #passkeys #phonePlans #smartphonePlans #SpaceX #TMobile #unlimitedData #verizon #VintCerf

  15. Weekly output: phone plans, Nvidia keynote, passkey adoption, Bending Spoons buys AOL, SpaceX simplifying Starship lander, Internet luminaries on the open Web

    This is not going to be a great week for normal sleep cycles: Tuesday, I will wake up at around 4 a.m. to spend a 15-plus hour shift working as an election officer for Arlington, and then Wednesday I’m off to Dulles Airport for this year’s final business trip across the Atlantic. I’m departing for Web Summit in Lisbon several days early because the organizers of another conference, the Mozilla Festival, offered a press pass and a travel stipend to cover that event in Barcelona. I’ve heard good things about this conference over the years, so accepting an invitation to spend a few days in one of my favorite cities in Europe was an easy call.

    In addition to what you see below, Patreon readers got a detailed recap of how this past week’s event-packed schedule left its own series of dents in my calendar.

    10/28/2025: The Best Cell Phone Plans, Wirecutter

    This was going to be a modest update to the guide that I’ve been maintaining since 2014, but T-Mobile jacking up prices while AT&T and Verizon inflicted more modest rate hikes led to us dethroning T-Mo on cost grounds and handing our “for most people” pick to AT&T, which has advanced its own 5G network considerably.

    10/28/2025: In DC, Nvidia CEO Touts New AI Partnerships, Goes a Little MAGA, PCMag

    Heading into Nvidia’s conference, I was worried that CEO Jensen Huang would go into the weeds about the finer points of GPU architecture. Instead, he used this nearly two-hour keynote to jump from topic to topic without getting into too much detail about any of them–and kept coming back to opportunities to praise President Trump.

    10/29/2025: Passkey Adoption Sees Striking Progress, With One Obvious Leader, PCMag

    I struggled to get this written at the end of a long workday, resulting in my getting some nuances wrong that required updating the post the next morning.

    11/1/2025: Serial Dot-Com Purchaser Bending Spoons to Buy AOL, But Why?, PCMag

    Writing about AOL in 2025 makes me feel so old, but as one of PCMag’s graybeards I had to cover the news of Bending Spoons buying the company that once ruled the online world. I got to this story a day after it broke, so I turned that lag into an opportunity to expand the piece with some quotes from a publicist for that Italian firm and from a podcast interview of its CEO Luca Ferrari last year

    11/1/2025: After Elon Tantrum, SpaceX Now Prepping ‘Simplified’ Starship-Based Lunar Lander, PCMag

    Since I wrote about Elon Musk’s childish reaction to NASA’s understandable concern over the pace of its Human Landing System work, I had to reach for a keyboard to cover SpaceX’s grown-up corporate response.

    11/1/2025: ‘The Truth Is Paywalled.’ Internet Vets Lament the State of the ‘Open’ Web, PCMag

    This Monday-evening panel was one of the first items on my calendar this week, but having event after event after event follow it led to me not writing it up until Thursday night. Once again, it was a serious treat to hear some of the Internet’s founding figures talk about the state of the thing they invented.

    #AmericaOnline #AOL #ArtemisIII #ATT #BendingSpoons #BrewsterKahle #CindyCohn #Dashlane #FoundationForAmericanInnovation #HumanLandingSystem #JensenHuang #Nvidia #NvidiaGTCDC #passkeyExport #passkeys #phonePlans #smartphonePlans #SpaceX #TMobile #unlimitedData #verizon #VintCerf

  16. Weekly output: phone plans, Nvidia keynote, passkey adoption, Bending Spoons buys AOL, SpaceX simplifying Starship lander, Internet luminaries on the open Web

    This is not going to be a great week for normal sleep cycles: Tuesday, I will wake up at around 4 a.m. to spend a 15-plus hour shift working as an election officer for Arlington, and then Wednesday I’m off to Dulles Airport for this year’s final business trip across the Atlantic. I’m departing for Web Summit in Lisbon several days early because the organizers of another conference, the Mozilla Festival, offered a press pass and a travel stipend to cover that event in Barcelona. I’ve heard good things about this conference over the years, so accepting an invitation to spend a few days in one of my favorite cities in Europe was an easy call.

    In addition to what you see below, Patreon readers got a detailed recap of how this past week’s event-packed schedule left its own series of dents in my calendar.

    10/28/2025: The Best Cell Phone Plans, Wirecutter

    This was going to be a modest update to the guide that I’ve been maintaining since 2014, but T-Mobile jacking up prices while AT&T and Verizon inflicted more modest rate hikes led to us dethroning T-Mo on cost grounds and handing our “for most people” pick to AT&T, which has advanced its own 5G network considerably.

    10/28/2025: In DC, Nvidia CEO Touts New AI Partnerships, Goes a Little MAGA, PCMag

    Heading into Nvidia’s conference, I was worried that CEO Jensen Huang would go into the weeds about the finer points of GPU architecture. Instead, he used this nearly two-hour keynote to jump from topic to topic without getting into too much detail about any of them–and kept coming back to opportunities to praise President Trump.

    10/29/2025: Passkey Adoption Sees Striking Progress, With One Obvious Leader, PCMag

    I struggled to get this written at the end of a long workday, resulting in my getting some nuances wrong that required updating the post the next morning.

    11/1/2025: Serial Dot-Com Purchaser Bending Spoons to Buy AOL, But Why?, PCMag

    Writing about AOL in 2025 makes me feel so old, but as one of PCMag’s graybeards I had to cover the news of Bending Spoons buying the company that once ruled the online world. I got to this story a day after it broke, so I turned that lag into an opportunity to expand the piece with some quotes from a publicist for that Italian firm and from a podcast interview of its CEO Luca Ferrari last year

    11/1/2025: After Elon Tantrum, SpaceX Now Prepping ‘Simplified’ Starship-Based Lunar Lander, PCMag

    Since I wrote about Elon Musk’s childish reaction to NASA’s understandable concern over the pace of its Human Landing System work, I had to reach for a keyboard to cover SpaceX’s grown-up corporate response.

    11/1/2025: ‘The Truth Is Paywalled.’ Internet Vets Lament the State of the ‘Open’ Web, PCMag

    This Monday-evening panel was one of the first items on my calendar this week, but having event after event after event follow it led to me not writing it up until Thursday night. Once again, it was a serious treat to hear some of the Internet’s founding figures talk about the state of the thing they invented.

    #AmericaOnline #AOL #ArtemisIII #ATT #BendingSpoons #BrewsterKahle #CindyCohn #Dashlane #FoundationForAmericanInnovation #HumanLandingSystem #JensenHuang #Nvidia #NvidiaGTCDC #passkeyExport #passkeys #phonePlans #smartphonePlans #SpaceX #TMobile #unlimitedData #verizon #VintCerf

  17. Weekly output: phone plans, Nvidia keynote, passkey adoption, Bending Spoons buys AOL, SpaceX simplifying Starship lander, Internet luminaries on the open Web

    This is not going to be a great week for normal sleep cycles: Tuesday, I will wake up at around 4 a.m. to spend a 15-plus hour shift working as an election officer for Arlington, and then Wednesday I’m off to Dulles Airport for this year’s final business trip across the Atlantic. I’m departing for Web Summit in Lisbon several days early because the organizers of another conference, the Mozilla Festival, offered a press pass and a travel stipend to cover that event in Barcelona. I’ve heard good things about this conference over the years, so accepting an invitation to spend a few days in one of my favorite cities in Europe was an easy call.

    In addition to what you see below, Patreon readers got a detailed recap of how this past week’s event-packed schedule left its own series of dents in my calendar.

    10/28/2025: The Best Cell Phone Plans, Wirecutter

    This was going to be a modest update to the guide that I’ve been maintaining since 2014, but T-Mobile jacking up prices while AT&T and Verizon inflicted more modest rate hikes led to us dethroning T-Mo on cost grounds and handing our “for most people” pick to AT&T, which has advanced its own 5G network considerably.

    10/28/2025: In DC, Nvidia CEO Touts New AI Partnerships, Goes a Little MAGA, PCMag

    Heading into Nvidia’s conference, I was worried that CEO Jensen Huang would go into the weeds about the finer points of GPU architecture. Instead, he used this nearly two-hour keynote to jump from topic to topic without getting into too much detail about any of them–and kept coming back to opportunities to praise President Trump.

    10/29/2025: Passkey Adoption Sees Striking Progress, With One Obvious Leader, PCMag

    I struggled to get this written at the end of a long workday, resulting in my getting some nuances wrong that required updating the post the next morning.

    11/1/2025: Serial Dot-Com Purchaser Bending Spoons to Buy AOL, But Why?, PCMag

    Writing about AOL in 2025 makes me feel so old, but as one of PCMag’s graybeards I had to cover the news of Bending Spoons buying the company that once ruled the online world. I got to this story a day after it broke, so I turned that lag into an opportunity to expand the piece with some quotes from a publicist for that Italian firm and from a podcast interview of its CEO Luca Ferrari last year

    11/1/2025: After Elon Tantrum, SpaceX Now Prepping ‘Simplified’ Starship-Based Lunar Lander, PCMag

    Since I wrote about Elon Musk’s childish reaction to NASA’s understandable concern over the pace of its Human Landing System work, I had to reach for a keyboard to cover SpaceX’s grown-up corporate response.

    11/1/2025: ‘The Truth Is Paywalled.’ Internet Vets Lament the State of the ‘Open’ Web, PCMag

    This Monday-evening panel was one of the first items on my calendar this week, but having event after event after event follow it led to me not writing it up until Thursday night. Once again, it was a serious treat to hear some of the Internet’s founding figures talk about the state of the thing they invented.

    #AmericaOnline #AOL #ArtemisIII #ATT #BendingSpoons #BrewsterKahle #CindyCohn #Dashlane #FoundationForAmericanInnovation #HumanLandingSystem #JensenHuang #Nvidia #NvidiaGTCDC #passkeyExport #passkeys #phonePlans #smartphonePlans #SpaceX #TMobile #unlimitedData #verizon #VintCerf

  18. Email from my password manager vendor. I'm not sure this is what they actually meant to say, because it sure does not sound good.
    #Dashlane

  19. Well #PasswordManagers were not as secure as we all thought.
    All Password Managers that use a browser add-on/plugin for auto-fill functionality are susceptible to #ClickJacking security vulnerabilities that could be exploited to steal account credentials.
    It works on all of them:
    #LastPass
    #Bitwarden
    #iCloudPasswords
    #Enpass
    #1Password
    #NordPass
    #ProtonPass
    #Keeper
    #Dashlane
    & yes even the one I use #KeePassXC
    Some have pushed out updates.

    More info: marektoth.com/blog/dom-based-e

    #CyberSecurityNews

  20. Passwortmanager sind angreifbar. Das fand Marek Tóth heraus und berichtete darüber auf der #DefCon33:
    marektoth.com/blog/dom-based-e
    Die von Tóth aufgedeckten Schwachstellen ermöglichen es Hackern, sensible Daten aus Passwort-Managern zu stehlen, darunter Kreditkartendaten, Namen, Adressen und Telefonnummern, wenn ein Opfer eine bösartige Website besucht. Darüber hinaus können Hacker, wenn eine anfällige Website, auf der Ihre Passwort-Manager-Anmeldedaten gespeichert sind, eine Cross-Site-Scripting-Schwachstelle (XSS) oder eine Subdomain-Übernahme aufweist, diese ausnutzen, um Anmeldedaten (Benutzernamen und Passwörter), 2FA-Codes und Passkeys zu stehlen.
    Nach Updates gelten inzwischen folgende Passwortmanager als sicher: #Bitwarden #Dashlane, #Keeper, #NordPass, #ProtonPass & #RoboForm.

    #infosec #passwortmanager #2FA#security #privacy #BeDiS

  21. Dashlane password manager will end its free service on September 16, 2025. Users must then switch to a premium subscription or export their data.

    webpronews.com/dashlane-to-end

    #dashlane #passwordmanager

  22. Wichtige Änderung bei #Dashlane: Der Passwort-Manager beendet ab 16. September 2025 seinen kostenlosen Dienst. Nutzer müssen dann auf ein Premium-Abo umsteigen oder ihre Daten exportieren. winfuture.de/news,152771.html?

  23. Weekly output: wireless-service satisfaction, ransomware survey, Dashlane report, Verizon fee increases, drone policy

    I had one work event on my calendar this week that I don’t think rates as an appearance worth listing here, since I got roped into it at the last minute. I’d put the Internet Law & Policy Foundry’s tech-law trivia contest on my schedule Wednesday thinking it would be fun to watch, but then one of the contestants asked if I’d like to join their team–and we finished in third place. This was one of the first public trivia contests I’d joined since 1987, when I was a member of the high school team that won a New Jersey state championship, and it’s nice to see that I still have it or at least some of it.

    This coming week has me traveling for work for the first time since the middle of June and to an event that first landed on my travel calendar in 2018: I’m headed to Las Vegas for the Black Hat information-security conference. The trip doesn’t include the DEF CON infosec conference that follows Black Hat, and on Patreon I explained why I opted out of that and feel a little guilty about it.

    7/31/2025: People Like Wireless Service Best When It Doesn’t Involve the Big 3 Carriers, PCMag

    The gap betweeen J.D. Power’s customer-satisfaction stats for the big three wireless carriers and that firm’s metrics for companies reselling the networks of AT&T, T-Mobile and Verizon caught my eye.

    8/1/2025: Ransomware Victims Are Still Paying Up, Some More Than Once, PCMag

    This survey published by the security firm Semperis got an unfortunate news peg when the Trump administration rescinded the West Point department-chair appointment of one of the report’s expert contributors, former Cybersecurity & Infrastructure Security Administration head Jen Easterly.

    8/1/2025: This Password Manager Caught Some of Its Own Employees Not Using Its Product, PCMag

    Dashlane’s PR folks offered me this story ahead of time. Since I have always found the fallible-human element of information security to be fascinating, I accepted the offer, and then my editors concurred.

    8/1/2025: Months After Freezing Wireless Rates But Not Fees, Verizon Slips in a Fee Increase, PCMag

    One of my colleagues brought this to my attention, and I was happy to set aside some time Friday morning to cover it.

    8/2/2025: The Drone Industry Can’t Wait for This One Federal Regulation to Take Off, PCMag

    I spent Tuesday and Wednesday at Nationals Park to cover a drone-policy conference hosted there by the trade group AUVSI, but I didn’t get around to writing it until Thursday night.

    #AUVSI #BlackHat #ConsumerCellular #Dashlane #droneDelivery #drones #finePrint #JDPower #junkFees #NationalsPark #NatsPark #passwordManager #ransomware #Semperis #verizon #Vz #wirelessServices

  24. Weekly output: wireless-service satisfaction, ransomware survey, Dashlane report, Verizon fee increases, drone policy

    I had one work event on my calendar this week that I don’t think rates as an appearance worth listing here, since I got roped into it at the last minute. I’d put the Internet Law & Policy Foundry’s tech-law trivia contest on my schedule Wednesday thinking it would be fun to watch, but then one of the contestants asked if I’d like to join their team–and we finished in third place. This was one of the first public trivia contests I’d joined since 1987, when I was a member of the high school team that won a New Jersey state championship, and it’s nice to see that I still have it or at least some of it.

    This coming week has me traveling for work for the first time since the middle of June and to an event that first landed on my travel calendar in 2018: I’m headed to Las Vegas for the Black Hat information-security conference. The trip doesn’t include the DEF CON infosec conference that follows Black Hat, and on Patreon I explained why I opted out of that and feel a little guilty about it.

    7/31/2025: People Like Wireless Service Best When It Doesn’t Involve the Big 3 Carriers, PCMag

    The gap betweeen J.D. Power’s customer-satisfaction stats for the big three wireless carriers and that firm’s metrics for companies reselling the networks of AT&T, T-Mobile and Verizon caught my eye.

    8/1/2025: Ransomware Victims Are Still Paying Up, Some More Than Once, PCMag

    This survey published by the security firm Semperis got an unfortunate news peg when the Trump administration rescinded the West Point department-chair appointment of one of the report’s expert contributors, former Cybersecurity & Infrastructure Security Administration head Jen Easterly.

    8/1/2025: This Password Manager Caught Some of Its Own Employees Not Using Its Product, PCMag

    Dashlane’s PR folks offered me this story ahead of time. Since I have always found the fallible-human element of information security to be fascinating, I accepted the offer, and then my editors concurred.

    8/1/2025: Months After Freezing Wireless Rates But Not Fees, Verizon Slips in a Fee Increase, PCMag

    One of my colleagues brought this to my attention, and I was happy to set aside some time Friday morning to cover it.

    8/2/2025: The Drone Industry Can’t Wait for This One Federal Regulation to Take Off, PCMag

    I spent Tuesday and Wednesday at Nationals Park to cover a drone-policy conference hosted there by the trade group AUVSI, but I didn’t get around to writing it until Thursday night.

    #AUVSI #BlackHat #ConsumerCellular #Dashlane #droneDelivery #drones #finePrint #JDPower #junkFees #NationalsPark #NatsPark #passwordManager #ransomware #Semperis #verizon #Vz #wirelessServices

  25. Weekly output: wireless-service satisfaction, ransomware survey, Dashlane report, Verizon fee increases, drone policy

    I had one work event on my calendar this week that I don’t think rates as an appearance worth listing here, since I got roped into it at the last minute. I’d put the Internet Law & Policy Foundry’s tech-law trivia contest on my schedule Wednesday thinking it would be fun to watch, but then one of the contestants asked if I’d like to join their team–and we finished in third place. This was one of the first public trivia contests I’d joined since 1987, when I was a member of the high school team that won a New Jersey state championship, and it’s nice to see that I still have it or at least some of it.

    This coming week has me traveling for work for the first time since the middle of June and to an event that first landed on my travel calendar in 2018: I’m headed to Las Vegas for the Black Hat information-security conference. The trip doesn’t include the DEF CON infosec conference that follows Black Hat, and on Patreon I explained why I opted out of that and feel a little guilty about it.

    7/31/2025: People Like Wireless Service Best When It Doesn’t Involve the Big 3 Carriers, PCMag

    The gap betweeen J.D. Power’s customer-satisfaction stats for the big three wireless carriers and that firm’s metrics for companies reselling the networks of AT&T, T-Mobile and Verizon caught my eye.

    8/1/2025: Ransomware Victims Are Still Paying Up, Some More Than Once, PCMag

    This survey published by the security firm Semperis got an unfortunate news peg when the Trump administration rescinded the West Point department-chair appointment of one of the report’s expert contributors, former Cybersecurity & Infrastructure Security Administration head Jen Easterly.

    8/1/2025: This Password Manager Caught Some of Its Own Employees Not Using Its Product, PCMag

    Dashlane’s PR folks offered me this story ahead of time. Since I have always found the fallible-human element of information security to be fascinating, I accepted the offer, and then my editors concurred.

    8/1/2025: Months After Freezing Wireless Rates But Not Fees, Verizon Slips in a Fee Increase, PCMag

    One of my colleagues brought this to my attention, and I was happy to set aside some time Friday morning to cover it.

    8/2/2025: The Drone Industry Can’t Wait for This One Federal Regulation to Take Off, PCMag

    I spent Tuesday and Wednesday at Nationals Park to cover a drone-policy conference hosted there by the trade group AUVSI, but I didn’t get around to writing it until Thursday night.

    #AUVSI #BlackHat #ConsumerCellular #Dashlane #droneDelivery #drones #finePrint #JDPower #junkFees #NationalsPark #NatsPark #passwordManager #ransomware #Semperis #verizon #Vz #wirelessServices