[en] Serious security vulnerabilities in cloud-based password managers : #Bitwarden, #Lastpass, #Dashlane

The research team of Prof. Paterson found cryptographic technologies from the 90s. "We were surprised by the severity of the security vulnerabilities".

In most cases, the researchers were able to gain access to the passwords – and even make changes to them.

https://ethz.ch/en/news-and-events/eth-news/news/2026/02/password-managers-less-secure-than-promised.html

Aside from this research paper, recommended password managers often include #KeePassXC and/or #KeePassDX for Android or #KeePassium for iOS. Also, it's usually a good idea to store only accounts and passwords that are really necessary on the go, especially on mobile devices.

#password #passwordmanager #cloudbased #security #ictsecurity #securityvulnerability #ethz

Password managers less secure than promised

Researchers from ETH Zurich have discovered serious security vulnerabilities in three popular, cloud-based password managers. During testing, they were able to view and even make changes to stored passwords. 

ETH Zurich

Third Eye Legal wishes everyone a Happy, Peaceful and Prosperous Chinese Lunar New Year of the Fire Horse: 2026. May passion, attraction and creativity guide you while navigating temptation and confusion this year.

Looking forward to collaborating and creating with progressive minds.

Third Eye Legal: Where Minds Meet
https://www.thirdeyelegal.com

#HappyChineseNewYear2026
#consultancy #law #cyber #privacy #Antitrust #ictsecurity #Peace #prosperity

🔒 The EU #CybersecurityAct tightens its grip on ICT, but raises questions about 5G and fiber. #5G #ICTSecurity 🛡️

🔗 https://www.tomshw.it/business/ue-blinda-ict-ma-il-5g-rischia-il-rallentamento-2026-01-21

EU Cybersecurity Act: crackdown on ICT, doubts over 5G and fiber

The Commission is focusing on supply chain and digital resilience, while the telecom sector calls for proportionate and sustainable rules.

Tom's Hardware

[en] UK: Should #ransomware payments be banned?

"Governments underestimate the impact of #cybercrime at their peril."

"... without a ban covering the private as well as the public sector, threat actors would likely gravitate to the former."

"... we may see ... a potential evolution in the business model itself ... perhaps they would look to other options ..."

https://www.techmonitor.ai/comment-2/unintended-consequences-ransomware-ban

#cybersecurity #ictsecurity #cyberthreat #cyberthreat #exploit #trojan #spyware #vulnerability

A ransomware payment ban's impact could be good - and chaotic

The government’s far-sighted plans for ransomware mitigation might trigger profound evolutionary changes in cybercrime itself.

Tech Monitor

Linux Foundation Open Source Summit North America:
"Linus Torvalds and his good friend Dirk Hohndel ... conversation about Linux development and related issues"

Interesting - They also talked about #security, XZ Utils incident, #LLMs, #hardware, RISC-V, #Git ...

https://www.zdnet.com/article/linus-torvalds-takes-on-evil-developers-hardware-errors-and-hilarious-ai-hype/

#gnulinux #linux #riskv #xz #xzutil #xzutils #llm #torvalds #hohndel #cybersecurity #ictsecurity #itsecurity #exploit #spyware #vulnerability #infosec #ai #aihype #linuxfoundation #opensourcesummit

Linus Torvalds takes on evil developers, hardware errors and 'hilarious' AI hype

While all is 'calm and steady and boring' with the next kernel, Linux creator Torvalds tells an Open Source Summit crowd exactly how he feels about almost everything else.

ZDNET

[en] Voting: Weaknesses of Electronic Voting Machines (Prof. Appel, Schneier & Co.)

"Rather than assert that each component of the process can be made perfectly secure on its own, ... the goal of each component of the elections process is to validate every other component."

"... the hallmarks of a reliable and optimal election process are hand-marked paper ballots ..."

[Not "e-voting"]

https://freedom-to-tinker.com/2024/03/18/suggested-principles-for-state-statutes-regarding-ballot-marking-and-vote-tabulation/

#voting #votingmachine #ballot #election #evoting #ictsecurity #infosec #security

Suggested Principles for State Statutes Regarding Ballot Marking and Vote Tabulation

This letter, signed by more than 20 election cybersecurity experts, was addressed to the Pennsylvania State Senate Committee on Government in response to

Freedom to Tinker

[en] Commercial spyware firms make mobile phones and devices increasingly insecure

"Nearly two thirds of mobile and browser flaws were used by spyware firms".

"... in 2023, spyware produced by commercial surveillance vendors (CSVs) were responsible for 64% of known exploited mobile and browser zero-day vulnerabilities."

https://cyberscoop.com/spyware-zero-days-2023/

#zeroday #spyware #csv #cyberthreat #exploit #vulnerability #cybersecurity #ictsecurity #itsecurity #infosec #mobile #mobilephone

Spyware and zero-day exploits increasingly go hand-in-hand, researchers find

Researchers found 97 zero-days exploited in the wild in 2023; nearly two thirds of mobile and browser flaws were used by spyware firms.

CyberScoop

[en] Serious security vulnerabilities in electronic RFID locks from dormakaba

"... identified weaknesses allow an attacker to unlock all rooms in a hotel using a single pair of forged keycards. Over [3m] hotel locks in 131 countries are affected."

"As of 03/2024, ... 36% of the impacted locks have been updated or replaced."

https://unsaflok.com/

#ResearchHighlights #dormakaba #kaba #saflok #unsaflok #privacy #rfid #rfidlock #cybersecurity #ictsecurity #itsecurity #infosec #security

Unsaflok

Unsaflok is a series of serious security vulnerabilities in the Saflok brand of hotel locks.

Unsaflok

[en] Microsoft Goes Open Source 😄 - Not Really Intentionally

"... breach was worse than initially understood and that the Russian hackers accessed Microsoft source code."
"... string of breaches affecting the company that have raised major questions in Washington about Microsoft’s security posture."

https://cyberscoop.com/microsoft-cozy-bear-russia/

#MediaHighlights #microsoft #opensource #oss #foss #sourcecode #hacking #hacker #breach #insecure #security #cybersecurity #infosec #ictsecurity #itsecurity #threat

Russian hackers accessed Microsoft source code 

An incident attributed to the Russian hacking crew Cozy Bear that was first disclosed in January continues to affect Microsoft systems.

CyberScoop

A post claims that "Hackers increasingly abuse Cloudflare Tunnels for stealthy connections"

#Cloudflare Tunnels are supposed to create outbound-only connections to the Cloudflare network but are apparently also used "for nefarious purposes, such as gaining stealthy persistent access to the victim's network, evading detection, and exfiltrating compromised devices' data."

https://www.bleepingcomputer.com/news/security/hackers-increasingly-abuse-cloudflare-tunnels-for-stealthy-connections/

#abuse #cloud #cloudtunnel #cybersecurity #ictsecurity #itsecurity #infosec #security

Hackers increasingly abuse Cloudflare Tunnels for stealthy connections

Hackers are increasingly abusing the legitimate Cloudflare Tunnels feature to create stealthy HTTPS connections from compromised devices, bypass firewalls, and maintain long-term persistence.

BleepingComputer