Jump to content

Search the Community

Showing results for tags 'Password'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

  1. Password Depot Professional 7.5.4 Password Depot - an efficient tool to manage all your passwords. You'll never forget your password. Password Depot Professional protects your passwords from unauthorized external access, and thus it is very easy to use. Features of the program: the creation of nearly nerasshifrovyvaemyh passwords, data encryption, automated login. Password Security: Best protection of your data due to double encryption with Rijndael 256! Your password list is protected twice: with the master password and with an internal key.Protection from keylogging (intercepting of keystrokes) – All password fields are internally protected from keylogging.Password Depot leaves no trace of your passwords in the RAM. So even an attempt by a hacker to use your computer and try to browse the cryptic memory dumps for passwords - a theoretical option - would be defeated.Clipboard protection – Password Depot automatically detects any active clipboard viewers and masks its changes to the keyboard; after performing auto-complete, all sensitive data is automatically cleared from the clipboard.The integrated password generator creates virtually uncrackable passwords: instead of passwords like "sweetheart" or "John", which can both be cracked in a few minutes, you now use passwords like "g\/:1bmV5T$x_sb}[email protected]?\A:y:Cwe-k)mUpHiJu:[email protected] Management: Friendly and easy-to-use interface, similar to the Windows Explorer, that allows you to navigate the password lists.Top bar window for faster and more efficient navigation. Now available in classic design or as application desktop toolbarAuto-complete action that allows you to automatically complete fields on a web page with user name and password.Supports Firefox, Netscape, Opera and Microsoft Internet Explorer.Password lists on the internet: Place your encrypted password lists on the Internet and enjoy access to all of them, no matter where you are!Import/export of passwords from/to other password managers.You can open a password's website directly from the program.Copy password, user name or URL to clipboard or drag & drop to the target field.Integrated server module: Share Password Depot with several users on a local network!Support of USB flash drives: Keep your passwords handy all the time by storing Password Depot and your passwords on a USB flash drive.Additional Features: Custom fields: Create as many fields as you like in the database. That way you can adjust Password Depot to your personal needs.Recognition of correct passwords: The program recognizes automatically the password that is used for a website and suggests it automatically!New wizards: Add web passwords using the wizards. Or install Password Depot on a USB flash drive with the help of the wizards.Perfect local security: you can use the lock function to restrict other user's access to your personal passwords.Quality inspection of your passwords: Check the quality and security of your passwords! New and intelligent algorithms check the passwords employed and alert you in case of “weak” passwords.Encrypt external files with Password Depot to make secret documents inacessible for unauthorized persons.Erase external files completely so that there are no traces left on your hard disk.Variables in URLs: Use variables in URLs to meet all the requirements and to automate special cases.Support of TANs: Support of TANs was added for customers who are using Password Depot for online banking.Password policies: You can define rules which all new or modified passwords have to fulfill (minimum length, types of characters contained, etc.).New program options: Thanks to the numerous new program options Password Depot is individually configurable.Website: http://www.password-depot.com/ OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Crack (RegKey) Size: 32,86 Mb.
  2. Devolutions Password Vault Manager Enterprise 5.1.0.0 Password Vault Manager lets you and your team centralize your organization’s passwords and credentials into one secure repository. Manage user security rights and access, reduce help desk support calls and strengthen your network security by generating only strong and unique passwords. Password Vault Manager is your all-in-one solution to streamline password management. Stop losing time retrieving forgotten passwords and enjoy the industry’s most intuitive and customizable dashboard. Features VERSION 5.1.0.0 (March 11th 2014) Website: http://passwordvaultmanager.com/ OS: Windows XP / Vista / 7 / 8 Language: Eng Medicine: Serial Size: 16,87 Mb.
  3. With the advent of mobile payments and more and more users storing sensitive information on their smartphones, security is becoming a greater concern. That is why the following story is so harrowing: a man’s son was able to reset his Android phone’s password, and all he needed was access to his phone. The following exploit doesn’t require any knowledge of a user’s Google account; all you would need is access to the person’s phone. A Reddit user recounts the process in detail: “I just discovered what seems to me a massive security loophole. Please someone tell me if the following makes any sense. My son was playing on my phone (Galaxy S3). He tried to purchase in app items on Subway Surfer but didn’t know the password. So, he followed the following steps to reset my password from my phone without having to enter any information about the account: Starting from the screen after you click “buy,” 1. Click the question mark next to the password box when asked to confirm password for a purchase.2. Click “forgot password.”3. Click “I don’t know.”4. Leave the selection on the page at “Confirm password reset on my Android Samsung SCH-I535 phone.”5. Click “Yes”6. Click “Allow Password Reset.7. Enter and confirm new Password. And that allowed someone with absolutely no knowledge about my Google account, and access only to my phone, to reset a new password for my entire Google account.”– karcirate (reddit)This exploit has been around for quite some time, however, now that users realize how easy it is, maybe Google should work on beefing up this loophole. What can you do to protect against this? Well, someone would need access to your phone in order to make purchases on it, or rest your password and gain access to your account. Putting a lock-code is probably your best bet against strangers. Hopefully the friends you’d allow access to your phone can be trusted enough to not rack up your cell phone bill or mess with your Google account. Source
  4. E-mail addresses and cryptographically protected passwords for thousands of Mozilla developers were exposed through a database glitch that may have been exploited by hackers, Mozilla officials warned Friday. About 76,000 e-mail addresses and 4,000 password hashes were left on a publicly accessible server for about 30 days beginning June 23, according to a blog post. There is no indication the data was accessed, but Mozilla officials investigating the disclosure can't rule out the possibility. Hackers who might have managed to crack the hashes wouldn't be able to use the passwords to access Mozilla Developer Network accounts, but they may be able to access other user accounts secured with the same cracked passcode. The glitch was touched off when a data "sanitization" process failed, causing the addresses and hashes to be dumped to a publicly accessible server. "We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," Stormy Peters, director of developer relations, and Joe Stevensen, operations security manager, wrote. They continued: Source : http://arstechnica.com/security/2014/08/thousands-of-mozilla-developers-e-mail-addresses-password-hashes-exposed/
  5. Jan. 30, 2014 7:19 PM EST FILE - In this Tuesday, Jan. 7, 2014, file photo, Yahoo president and CEO Marissa Mayer speaks during a keynote address at the International Consumer Electronics Show, in Las Vegas. Yahoo said Thursday, Jan. 30, 2014, that usernames and passwords of its email customers have been stolen and used to access accounts, but the company isn't saying how many accounts have been affected. (AP Photo/Julie Jacobson, File) NEW YORK (AP) Usernames and passwords of some of Yahoo's email customers have been stolen and used to gather personal information about people those Yahoo mail users have recently corresponded with, the company said Thursday. Yahoo didn't say how many accounts have been affected. Yahoo is the second-largest email service worldwide, after Google's Gmail, according to the research firm comScore. There are 273 million Yahoo mail accounts worldwide, including 81 million in the U.S. It's the latest in a string of security breaches that have allowed hackers to nab personal information using software that analysts say is ever more sophisticated. Up to 70 million customers of Target stores had their personal information and credit and debit card numbers compromised late last year, and Neiman Marcus was the victim of a similar breach in December. "It's an old trend, but it's much more exaggerated now because the programs the bad guys use are much more sophisticated now," says Avivah Litan, a security analyst at the technology research firm Gartner. "We're clearly under attack." Yahoo Inc. said in a blog post on its breach that "The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails." That could mean hackers were looking for additional email addresses to send spam or scam messages. By grabbing real names from those sent folders, hackers could try to make bogus messages appear more legitimate to recipients. "It's much more likely that I'd click on something from you if we email all the time," says Richard Mogull, analyst and CEO of Securois, a security research and advisory firm. The bigger danger: access to email accounts could lead to more serious breaches involving banking and shopping sites. That's because many people reuse passwords across many sites, and also because many sites use email to reset passwords. Hackers could try logging in to such a site with the Yahoo email address, for instance, and ask that a password reminder be sent by email. Litan said hackers appear to be "trying to collect as much information as they can on people. Putting all this stuff together makes it easier to steal somebody's identity." Yahoo said the usernames and passwords weren't collected from its own systems, but from a third-party database. Because so many people use the same passwords across multiple sites, it's possible hackers broke in to some service that lets people use email addresses as their usernames. The hackers could have grabbed passwords stored at that service, filtered out the accounts with Yahoo addresses and used that information to log in to Yahoo's mail systems, said Johannes Ullrich, dean of research at the SANS Institute, a group devoted to security research and education. The breach is the second mishap for Yahoo's mail service in two months. In December, the service suffered a multi-day outage that prompted Yahoo CEO Marissa Mayer to issue an apology. Yahoo said it is resetting passwords on affected accounts and has "implemented additional measures" to block further attacks. The company would not comment beyond the information in its blog post. It said it is working with federal law enforcement. ___ Online: Yahoo blog post: http://yahoo.tumblr.com/post/75083532312/important-security-update-for-yahoo-mail-users http://bigstory.ap.org/article/yahoo-email-account-passwords-stolen
  6. By Dan Goodin - Jan 25 2014, 10:15am AUSEST Crackers-for-hire in Romania, India, and China also charged in global operation. An international law-enforcement crackdown on paid password cracking services has resulted in at least 11 arrests, including the operators of an alleged cracker-for-hire site in the US that prosecutors said compromised almost 6,000 e-mail accounts. Mark Anthony Townsend, 45, of Cedarville, Arkansas, and Joshua Alan Tabor, 29, of Prairie Grove, Arkansas, ran a site called needapassword.com, according to court documents filed this week in federal court in Los Angeles. The site accepted user requests to hack into specific e-mail accounts hosted by Google, Yahoo, and other providers, prosecutors alleged. According to charging documents, the operators would break into the accounts, access their contents and send screenshots to the users proving the accounts had been compromised. The men would then send passwords in exchange for a fee paid to their PayPal account, prosecutors said. "Through www.needapassword.com, defendant and others known and unknown to the United States Attorney obtained unauthorized access to over 5,900 e-mail accounts submitted by customers," a criminal information filed against Townsend stated. During the time of Tabor's involvement, needapassword.com broke into at least 250 accounts, a separate charging document claimed. Federal prosecutors also charged three people in the US for paying for cracking services. One of them, John Ross Jesensky, 30, of Northridge, California, allegedly paid almost $22,000 to a Chinese website to illegally obtain account passwords, prosecutors said. The charges are part of an international investigation into e-mail account takeovers. The investigation has also resulted in arrests in Romania, India, and China. Romanian authorities conducted searches on three residences associated with people running the websites zhackgroup.com, spyhackgroup.com, rajahackers.com, clickhack.com, ghostgroup.org, and emailhackers.com. Four people were arrested. It has been widely reported that a Romanian man was arrested this week under suspicion that he hacked into the online accounts of various public figures and politicians, including the family of former Presidents George H.W. Bush and George W. Bush, as well as former US Secretary of State Colin Powell. Romanian officials have yet to identify the defendants by name. Ars covered last February's hack of the Bush family here. The arrests also came the same week feds arrested the founder of the now-defunct isanyoneup.com on charges that he paid a man to break into the e-mail accounts of hundreds of victims and steal sexually explicit images that later showed up on the notorious "revenge-porn" site. Prosecutors haven't said exactly how so many accounts were compromised, except to say the defendants connected to isanyoneup.com relied on social-engineering techniques that allowed the crackers to impersonate victims or victims' friends. http://arstechnica.com/security/2014/01/investigation-of-password-crackers-turns-up-site-feds-say-hacked-6000-accounts
  7. By Dan Bloom 10:12 GMT, 14 February 2014 Clubcards hacked after Tesco details leak: More than 2,200 accounts dumped on text sharing website Details of 2,240 accounts appeared on popular text-sharing website Hackers are thought to have taken leaked details from other sites' breaches Same passwords would have been run through Tesco with some matches Security experts: People should use a different password on every account Tesco has shut down more than 2,000 user accounts for its online shopping site after a cache of e-mail addresses, passwords and voucher balances were dumped online. Many thought the details on a popular text sharing site were a hoax until Twitter users said they had tested the combinations and they worked. It is thought the list was drawn from previous security breaches and comprised victims who used the same password for Tesco.com - which was not hacked directly - and other, compromised sites. A spokesman said the area of the site affected was for collecting and storing Clubcard points. The hackers would have then tested e-mail and password combinations with Tesco and made a list of positive matches, it is believed. The hack has reignited warnings by security experts for people to use a different password for every single online account which they use. http://www.dailymail.co.uk/news/article-2559256/Tesco-security-breach-hackers-leak-2-000-passwords-internet-shoppers-online.html Update: The Tesco Hack : Heres How It (Probably) Happened By Troy Hunt 14 Feb 2014 Full Story: http://www.troyhunt.com/2014/02/the-tesco-hack-heres-how-it-probably.html
  8. By Naoki Hiroshima January 29, 2014 A story of how PayPal and GoDaddy allowed the attack and caused me to lose my $50,000 Twitter username. My $50,000 Twitter Username Was Stolen Thanks to PayPal and GoDaddy I had a rare Twitter username, @N. Yep, just one letter. I’ve been offered as much as $50,000 for it. People have tried to steal it. Password reset instructions are a regular sight in my email inbox. As of today, I no longer control @N. I was extorted into giving it up. While eating lunch on January 20, 2014, I received a text message from PayPal for one-time validation code. Somebody was trying to steal my PayPal account. I ignored it and continued eating. Later in the day, I checked my email which uses my personal domain name (registered with GoDaddy) through Google Apps. I found the last message I had received was from GoDaddy with the subject “Account Settings Change Confirmation.” There was a good reason why that was the last one. From: <[email protected]> GoDaddy To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 12:50:02 -0800 Subject: Account Settings Change Confirmation Dear naoki hiroshima, You are receiving this email because the Account Settings were modified for the following Customer Account: XXXXXXXX There will be a brief period before this request takes effect. If these modifications were made without your consent, please log in to your account and update your security settings. If you are unable to log in to your account or if unauthorized changes have been made to domain names associated with the account, please contact our customer support team for assistance: [email protected] or (480) 505-8877. Please note that Accounts are subject to our Universal Terms of Service. Sincerely, GoDaddy I tried to log in to my GoDaddy account, but it didn’t work. I called GoDaddy and explained the situation. The representative asked me the last 6 digits of my credit card number as a method of verification. This didn’t work because the credit card information had already been changed by an attacker. In fact, all of my information had been changed. I had no way to prove I was the real owner of the domain name. The GoDaddy representative suggested that I fill out a case report on GoDaddy’s website using my government identification. I did that and was told a response could take up to 48 hours. I expected that this would be sufficient to prove my identity and ownership of the account. Let The Extortion Begin Most websites use email as a method of verification. If your email account is compromised, an attacker can easily reset your password on many other websites. By taking control of my domain name at GoDaddy, my attacker was able to control my email. I soon realized, based on my previous experiences being attacked, that my coveted Twitter username was the target. Strangely, someone I don’t know sent me a Facebook message encouraging me to change my Twitter email address. I assumed this was sent from the attacker but I changed it regardless. The Twitter account email address was now one which the attacker could not access. The attacker tried to reset my Twitter password several times and found he couldn’t receive any of the reset emails because it took time for the change of my domain’s MX record, which controls the email domain server. The attacker opened issue #16134409 at Twitter’s Zendesk support page. N, Jan 20 01:43 PM: Twitter username: @n Your email: *****@*****.*** Last sign in: December Mobile number (optional): n/a Anything else? (optional): I’m not receiving the password reset to my email, do you think you could manually send me one? Twitter required the attacker to provide more information to proceed and the attacker gave up on this route. I later learned that the attacker had compromised my Facebook account in order to bargain with me. I was horrified to learn what had happened when friends began asking me about strange behavior on my Facebook account. I received an email from my attacker at last. The attacker attempted to extort me with the following message. From: <[email protected]> SOCIAL MEDIA KING To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 15:55:43 -0800 Subject: Hello. I’ve seen you spoke with an accomplice of mine, I would just like to inform you that you were correct, @N was the target. it appears extremely inactive, I would also like to inform you that your GoDaddy domains are in my possession, one fake purchase and they can be repossessed by godaddy and never seen again D: I see you run quite a few nice websites so I have left those alone for now, all data on the sites has remained intact. Would you be willing to compromise? access to @N for about 5minutes while I swap the handle in exchange for your godaddy, and help securing your data? Shortly thereafter, I received a response from GoDaddy. From: [email protected] To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 17:49:41 -0800 Subject: Update [incident ID: 21773161] — XXXXX.XXX Unfortunately, Domain Services will not be able to assist you with your change request as you are not the current registrant of the domain name. As the registrar we can only make this type of change after verifying the consent of the registrant. You may wish to pursue one or more of the following options should you decide to pursue this matter further: 1. Visit http://who.godaddy.com/ to locate the Whois record for the domain name and resolve the issue with the registrant directly. 2. Go to http://www.icann.org/dndr/udrp/approved-providers.htm to find an ICANN approved arbitration provider. 3. Provide the following link to your legal counsel for information on submitting legal documents to GoDaddy: http://www.godaddy.com/agreements/showdoc.aspx?pageid=CIVIL_SUBPOENA GoDaddy now considers this matter closed. My claim was refused because I am not the “current registrant.” GoDaddy asked the attacker if it was ok to change account information, while they didn’t bother asking me if it was ok when the attacker did it. I was infuriated that GoDaddy had put the burden on the true owner. A coworker of mine was able to connect me to a GoDaddy executive. The executive attempted to get the security team involved, but nothing has happened. Perhaps because of the Martin Luther King Jr. holiday. Then I received this follow-up from the attacker. From: <[email protected]> SOCIAL MEDIA KING To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 18:50:16 -0800 Subject: …hello Are you going to swap the handle? the godaddy account is ready to go. Password changed and a neutral email is linked to it. I asked a friend of mine at Twitter what the chances of recovering the Twitter account were if the attacker took ownership. I remembered what had happened to @mat and concluded that giving up the account right away would be the only way to avoid an irreversible disaster. So I told the attacker: From: <*****@*****.***> Naoki Hiroshima To: <[email protected]> SOCIAL MEDIA KING Date: Mon, 20 Jan 2014 19:41:17 -0800 Subject: Re: …hello I released @N. Take it right away. I changed my username @N to @N_is_stolen for the first time since I registered it in early 2007. Goodbye to my problematic username, for now. I received this response. From: <[email protected]> SOCIAL MEDIA KING To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 19:44:02 -0800 Subject: RE: …hello Thank you very much, your godaddy password is: V;Mz,3{;!’g& if you’d like I can go into detail about how I was able to gain access to your godaddy, and how you can secure yourself The attacker quickly took control of the username and I regained access to my GoDaddy account. PayPal and GoDaddy Facilitated The Attack I asked the attacker how my GoDaddy account was compromised and received this response: From: <[email protected]> SOCIAL MEDIA KING To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 19:53:52 -0800 Subject: RE: …hello - I called paypal and used some very simple engineering tactics to obtain the last four of your card (avoid this by calling paypal and asking the agent to add a note to your account to not release any details via phone) - I called godaddy and told them I had lost the card but I remembered the last four, the agent then allowed me to try a range of numbers (00-09 in your case) I have not found a way to heighten godaddy account security, however if you’d like me to recommend a more secure registrar i recommend: NameCheap or eNom (not network solutions but enom.com) It’s hard to decide what’s more shocking, the fact that PayPal gave the attacker the last four digits of my credit card number over the phone, or that GoDaddy accepted it as verification. When asked about this, the attacker responded with this message: From: <[email protected]> SOCIAL MEDIA KING To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 20:00:31 -0800 Subject: RE: …hello Yes paypal told me them over the phone (I was acting as an employee) and godaddy let me “guess” for the first two digits of the card But guessing 2 digits correctly isn’t that easy, right? From: <[email protected]> SOCIAL MEDIA KING To: <*****@*****.***> Naoki Hiroshima Date: Mon, 20 Jan 2014 20:09:21 -0800 Subject: RE: …hello I got it in the first call, most agents will just keep trying until they get it He was lucky that he only had to guess two numbers and was able to do it in a single call. The thing is, GoDaddy allowed him to keep trying until he nailed it. Insane. Sounds like I was dealing with a wannabe Kevin Mitnick—it’s as though companies have yet to learn from his Mitnick’s exploits circa 1995. Avoid Custom Domains for Your Login Email Address With my GoDaddy account restored, I was able to regain access to my email as well. I changed the email address I use at several web services to an @gmail.com address. Using my Google Apps email address with a custom domain feels nice but it has a chance of being stolen if the domain server is compromised. If I were using an @gmail.com email address for my Facebook login, the attacker would not have been able to access my Facebook account. If you are using your Google Apps email address to log into various websites, I strongly suggest you stop doing so. Use an @gmail.com for logins. You can use the nicer custom domain email for messaging purposes, I still do. In addition, I also strongly suggest you to use a longer TTL for the MX record, just in case. It was 1 hour TTL in my case and that’s why I didn’t have enough time to keep receiving emails to the compromised domain after losing the DNS control. If it was a week-long TTL for example, I would have had a greater chance to recover the stolen accounts. Using two-factor authentication is a must. It’s probably what prevented the attacker from logging into my PayPal account. Though this situation illustrates that even two-factor authentication doesn’t help for everything. Conclusion Stupid companies may give out your personal information (like part of your credit card number) to the wrong person. Some of those companies are still employing the unacceptable practice of verifying you with the last some digits of your credit card. To avoid their imprudence from destroying your digital life, don’t let companies such as PayPal and GoDaddy store your credit card information. I just removed mine. I’ll also be leaving GoDaddy and PayPal as soon as possible. https://medium.com/p/24eb09e026dd
  9. It’s been a painful few weeks for Adobe, as their network was compromised, and over 150 million usernames and passwords of their customers were leaked online. In a fun (but quite scary) twist, a HackerNews member has created a crossword of the most popular leaked passwords. A list of the most common passwords used for Creative Cloud accounts was released a few weeks ago which exposed just how insecure most users’ passwords are. As noted by the creator of the password crossword it’s best to use a tool to generate the password for you; “the current best practice for passwords is to generate a unique random password for every login and use a password management service such as KeePass, RoboForm, or LastPass.” If you haven’t reset your Adobe Creative Cloud password already, you should reset it right now here. Source
  10. Popular password manager LastPass said it fixed two vulnerabilities that were found last year. The disclosure comes just ahead of a security conference where a research paper describing the problems is due to be presented. Zhiwei Li, a research scientist at Shape Security, reported the flaws to LastPass in August 2013, which were "addressed immediately," LastPass wrote on its blog. Both flaws involved "bookmarklets," which assist in filling out stored password information when LastPass's plugin can't be used, such as when using a mobile browser. One flaw could be exploited if a bookmarklet was used on a website rigged to attack it, LastPass wrote. The other vulnerability could allow an attacker to create a bogus one-time password (OTP) if a LastPass user was tricked into visiting a malicious website. The OTP attack would require a hacker to know a person's username in order to exploit it and also serve a custom attack, LastPass wrote. "Even if this was exploited, the attacker would still not have the key to decrypt user data," the company said. Zhiwei co-authored a research paper that has been accepted by the Usenix Security Symposium, which starts in San Diego on Aug. 20. The study analyzed five popular Web-based password managers: LastPass, RoboForm, My1login, PasswordBox and NeedMyPassword, all of which run in a Web browser. The researchers wrote that "in four out of the five password managers we studied, an attacker can learn a user's credentials for arbitrary websites." LastPass wrote it didn't believe anyone other than Zhiwei exploited the flaws. Still, "if you are concerned that you've used bookmarklets before September 2013 on non-trustworthy sites, you may consider changing your master password and generating new passwords, though we don't think it is necessary." Source: http://www.computerworld.com/s/article/9249694/LastPass_discloses_now_fixed_flaws_ahead_of_security_conference
  11. The fallout from the recent Adobe breach keeps growing. At first it was thought that "only" a few million passwords were leaked when the company's servers were attacked by a sophisticated hacker. While that number is already higher than it should be, the scope turned out to be at least 50x larger, with new estimates putting the number of leaked credentials at over 150 million. Not only is this news extremely bad for Adobe, but it's also having a big impact on other websites across the Internet due to the fact that people frequently use the same password on multiple sites. From large sites like Facebook to smaller sites like Diapers.com and Soap.com, companies are examining the stolen data and sending out warnings to customers that they suspect may have the same passwords. According to Krebs on Security, Adobe made the mistake of encrypting all of the passwords with a single key, so if it's brute forced or stolen, the entire trove of data can be unlocked. It also seems that hackers are actively "rattling the doorknobs" of accounts throughout the Internet; just yesterday, my own personal Yahoo! account was "flagged" due to suspicious activity, forcing me to change my password upon the next login. We wouldn't be surprised to see this trend from many other companies in the next few days. Sadly, passwords are still an extremely poor way of securing anything of value, a topic I explored last year. Back when we thought the sample size of stolen passwords was only a few million, the BBC released a list of the top 20 most common ones that were cracked and, sadly, the list was not much different than the most common passwords from 2012. All of this just points to the fact that the sooner we get to two-factor authentication, the better we'll be. Original Article
  12. Mark Zuckerberg, Paypal founder Elon Musk and Ashton Kutcher have invested $40 million in an artificial-intelligence start-up, Vicarious, which has already sent ripples through the security community by ‘breaking’ the CAPTCHA codes used to ‘weed out’ software programs masquerading as humans. Wired reports that the company aims to focus on creating a computer system that can mimic some of the functions of the human brain’s neocortex, an area devoted to spatial reasoning and high-level language processing. One application of the software, Vicarious AI, achieves a success rate of up to 90% against standard CAPTCHAs used by Google, Yahoo and PayPal, which was demonstrated in a video shown off by the company last year, as reported by We Live Security here. Wired points out that it may never be possible to simulate an entire human brain, or indeed an entire human neocortex, but a computer than could mimic even a fraction of the neocortex’s functions would change human history. Speaking to the Wall Street Journal, Vicarious co-founder Scott Phoenix described the software as “A computer that thinks like a person. Except it doesn’t have to eat or sleep.” Vicarious works under conditions of extreme secrecy – the WSJ reports it has not revealed its address for fear of corporate espionage – so which particular applications it is focusing on remain a mystery. Image recognition appears to be core to its business, however. Phoenix said that one problem Vicarious aimed to solve was to form a complete idea of pictures, including texture – giving the example of computers being able to recognize the words “ice” or “table” but not “table made of ice”. Being able to automate such tasks may have significant implications for privacy and security. Mark Zuckerberg’s investment used personal funds, rather than those belonging to Facebook (although Facebook’s own AI program is reaching “near human” levels of performance in recognizing faces, as reported by We Live Security here). But computers which can recognize pictures in a “human” way could, for instance, bypass security measures such as Windows 8’s picture passwords – already vulnerable, according to security researchers, due to recognizable “patterns” in the way users choose points of interest, as reported by We Live Security here. Banks such as Santander employ systems where users associate a phrase with an image as a security measure – again, a computer capable of recognizing images may disrupt, or even invalidate this as a security measure. Last year’s demo showed software, known as Vicarious AI, achieving a success rate of up to 90% against standard CAPTCHAs used by Google, Yahoo and PayPal – using machine learning, rather than massive amounts of computing power. “This renders text-based CAPTCHAs no longer effective as a Turing test,” the company said in a statement. The security implications of the discovery are less clear. Speaking to the BBC, computer scientist Luis von Ahn, part of the team which developed CAPTCHA, said that it was difficult to verify the results, and that if Vicarious’s claims are true, sites may simply need to increase the distortion used in CAPTCHA images. “Recent AI systems like IBM’s Watson and deep neural networks rely on brute force: connecting massive computing power to massive datasets,” , said Vicarious co-founder D. Scott Phoenix.. “This is the first time this distinctively human act of perception has been achieved, and it uses relatively minuscule amounts of data and computing power. The Vicarious algorithms achieve a level of effectiveness and efficiency much closer to actual human brains” “Understanding how brain creates intelligence is the ultimate scientific challenge. Vicarious has a long term strategy for developing human level artificial intelligence, and it starts with building a brain-like vision system. Modern CAPTCHAs provide a snapshot of the challenges of visual perception, and solving those in a general way required us to understand how the brain does it”, said Vicarious co-founder Dr. Dileep George. Vicarious says that this is just the first public demonstration of its “learning” Recursive Cortical Network (RCN) technology – and says that in future, it may be used in robotics, medical image analysis, image and video search. The company admits, though, that this is “many years” away. “We should be careful not to underestimate the significance of Vicarious crossing this milestone,” said Facebook co-founder and board member Dustin Moskovitz. “This is an exciting time for artificial intelligence research, and they are at the forefront of building the first truly intelligent machines.” Source
  13. Passcape Windows Password Recovery Advanced 9.7.0.777 + Portable Welcome to Windows Password Recovery, a network security analyzer and Windows password recovery utility. Windows Password Recovery tool is the only solution that implements the most advanced, patented password recovery technologies developed in Passcape Software, such as Artificial Intelligence or Pass-phrase attack. Compared to similar products, Windows Password Recovery features a number of competitive advantages: For home users - easy set up and use. Easily recovers or resets forgotten passwords to any Windows account.For system administrators - password audit reveals security breaches, helping the administrators to ensure the reliability and security of the corporate network. Checks the security level of Windows operating systems.For forensics, industry and government security experts - analyzes and audits system security policies, issues recommendations on improving the stability of the operating systems' password protection. Features Changelog Website: http://www.passcape.com OS: Windows 2000 / 2k / XP / 2k3 / 2K8 / Vista / 7 / 8 Medicine: Serial Size: 26,12 / 28,48 MB
  14. WiFi Password Revealer 1.0.0.5 Eng WiFi Password Revealer is a simple utility to recover a forgotten or lost password to your wireless network. Simple run the program and it will list all wireless network connections along with their security details and the wireless password. In order for WiFi Password Revealer to be able to recover your password, you must have previously been connected to the wireless network and have selected to let Windows store the password. NOTE #1: For Windows XP and 2003 Server users. your passwords will be recovered as 64 HEX digits, and not exact password which you have entered. This is NOT a bug. Windows XP automatically converts them into this form, and it can't be converted back. But you can still use this HEX digits instead of real password in order to connect to your wirelesss network. NOTE #2: Administrator rights are required on your PC in order to decrypt stored passwords. Website: http://www.magicaljellybean.com OS: Windows XP / Vista / 7 / 8 Language: Eng Medicine: Free Size: 2,25 Mb.
  15. WiFi Password Revealer 1.0.0.4 Final Eng + Portable WiFi Password Revealer is a simple utility to recover a forgotten or lost password to your wireless network. Simple run the program and it will list all wireless network connections along with their security details and the wireless password. In order for WiFi Password Revealer to be able to recover your password, you must have previously been connected to the wireless network and have selected to let Windows store the password. NOTE #1: For Windows XP and 2003 Server users. your passwords will be recovered as 64 HEX digits, and not exact password which you have entered. This is NOT a bug. Windows XP automatically converts them into this form, and it can't be converted back. But you can still use this HEX digits instead of real password in order to connect to your wirelesss network. NOTE #2: Administrator rights are required on your PC in order to decrypt stored passwords. Website: http://www.magicaljellybean.com OS: Windows XP / Vista / 7 / 8 Language: Eng Medicine: Free Size: 2,20 / 5,22 Mb.
  16. Tenorshare PDF Password Remover 1.0.0.1.1889 Tenorshare PDF Password Remover is PDF owner / permissions password remover software. It can instantly unlock restricted PDF documents by removing printing, editing and copying restrictions. It removes passwords protecting PDF files created with all versions of Adobe Acrobat or any other PDF application. Features Remove PDF security to edit, print, and copyBatch decryption – load up to 200 files at a timeSupport Adobe PDF 1.7 and lower versionsKey Features Website: http://www.tenorshare.com/ OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Crack Size: 9,15 Mb.
  17. Devolutions Password Vault Manager Enterprise 5.0.5.0 Password Vault Manager lets you and your team centralize your organization’s passwords and credentials into one secure repository. Manage user security rights and access, reduce help desk support calls and strengthen your network security by generating only strong and unique passwords. Password Vault Manager is your all-in-one solution to streamline password management. Stop losing time retrieving forgotten passwords and enjoy the industry’s most intuitive and customizable dashboard. Features VERSION 5.0.5.0 (December 21st 2013) Added a new data source policy to hide the serial numberAdded the Polish translationAdded the possibility to edit the status messageAdded the Swedish translationImproved the auto update for the Enterprise editionImproved the error management with the opened connection countImproved the RoboForm v6 import and added RoboForm v7 supportView contact can now be opened in embedded modeWebsite: http://passwordvaultmanager.com/ OS: Windows XP / Vista / 7 / 8 Language: Eng Medicine: Serial Size: 16,87 Mb.
  18. Password Depot Professional 7.5.3 Password Depot - an efficient tool to manage all your passwords. You'll never forget your password. Password Depot Professional protects your passwords from unauthorized external access, and thus it is very easy to use. Features of the program: the creation of nearly nerasshifrovyvaemyh passwords, data encryption, automated login. Password Security: Best protection of your data due to double encryption with Rijndael 256! Your password list is protected twice: with the master password and with an internal key.Protection from keylogging (intercepting of keystrokes) – All password fields are internally protected from keylogging.Password Depot leaves no trace of your passwords in the RAM. So even an attempt by a hacker to use your computer and try to browse the cryptic memory dumps for passwords - a theoretical option - would be defeated.Clipboard protection – Password Depot automatically detects any active clipboard viewers and masks its changes to the keyboard; after performing auto-complete, all sensitive data is automatically cleared from the clipboard.The integrated password generator creates virtually uncrackable passwords: instead of passwords like "sweetheart" or "John", which can both be cracked in a few minutes, you now use passwords like "g\/:1bmV5T$x_sb}[email protected]?\A:y:Cwe-k)mUpHiJu:[email protected] Management: Friendly and easy-to-use interface, similar to the Windows Explorer, that allows you to navigate the password lists.Top bar window for faster and more efficient navigation. Now available in classic design or as application desktop toolbarAuto-complete action that allows you to automatically complete fields on a web page with user name and password.Supports Firefox, Netscape, Opera and Microsoft Internet Explorer.Password lists on the internet: Place your encrypted password lists on the Internet and enjoy access to all of them, no matter where you are!Import/export of passwords from/to other password managers.You can open a password's website directly from the program.Copy password, user name or URL to clipboard or drag & drop to the target field.Integrated server module: Share Password Depot with several users on a local network!Support of USB flash drives: Keep your passwords handy all the time by storing Password Depot and your passwords on a USB flash drive.Additional Features: Custom fields: Create as many fields as you like in the database. That way you can adjust Password Depot to your personal needs.Recognition of correct passwords: The program recognizes automatically the password that is used for a website and suggests it automatically!New wizards: Add web passwords using the wizards. Or install Password Depot on a USB flash drive with the help of the wizards.Perfect local security: you can use the lock function to restrict other user's access to your personal passwords.Quality inspection of your passwords: Check the quality and security of your passwords! New and intelligent algorithms check the passwords employed and alert you in case of “weak” passwords.Encrypt external files with Password Depot to make secret documents inacessible for unauthorized persons.Erase external files completely so that there are no traces left on your hard disk.Variables in URLs: Use variables in URLs to meet all the requirements and to automate special cases.Support of TANs: Support of TANs was added for customers who are using Password Depot for online banking.Password policies: You can define rules which all new or modified passwords have to fulfill (minimum length, types of characters contained, etc.).New program options: Thanks to the numerous new program options Password Depot is individually configurable.Website: http://www.password-depot.com/ OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Crack (RegKey) Size: 32,85 Mb.
  19. Kaspersky Password Manager 5.0.0.179 Kaspersky Password Manager is an indispensable tool for the active Internet user. It fully automates the process of entering passwords and other data into websites and saves the user going to the trouble of creating and remembering multiple passwords. When you use Kaspersky Password Manager to log in, you can rest assured that your data is safe. The software creates exceptionally strong passwords and prevents your login information from being stolen. All confidential data is encrypted and kept in a dedicated database on your computer. Kaspersky Password Manager makes your web experience safer, quicker and more convenient. Benefits Allows you to access websites and applications with just a single click of the mouseStores your passwords in an encrypted database on your computerCreates a strong, unique password for each accountIncludes a mobile version that can be loaded from a flash drive and run on another computerFills in lengthy forms for you automaticallyMain Features System Requirements Website: http://www.kaspersky.com/ Year: 2014 Language: Eng Medicine: Key Size: 6,17 Mb.
  20. I have Installed Eset Smart Security 7 French on a computer which is a client of a private network, & with no internet access, & I have patched its registry "PackageFeatures" value from "53" to "54" so I can select manual update, & I have the offline update files extracted on a shared folder on the server "\\192.168.7.1\eset_upd". I also activated it using "ESET Product Activator 2013" by "NIKKO", because "NIKKO's" "ESET Product Activator 2014" needs internet to activate, & I don't have any internet in the network. The problem is when I hit update it keeps asking me for a user & password to be able to apply the update, & I don't have any internet in the network to activate via user & password. I am realy stuck in here. Please help me for a solution. Thank you for your understanding.
  21. selesn777

    Nsasoft SpotAuditor 4.8.1.0

    Nsasoft SpotAuditor 4.8.1.0 SpotAuditor is a Windows utility that offers comprehensive solution for recovering passwords and other critical business information saved in computers. SpotAuditor recovers Internet Explorer, Firefox, Opera, Outlook Express, MSN messenger, Windows Live Messenger, Windows Messenger, RDP, ICQ, VNC, Dial up, RAS, VPN, Trillian, Miranda IM, &RQ, Camfrog Video Chat, Easy Web Cam, WinProxy, Total Commander (Windows Commander), Far ftp client, WS_FTP, CuteFTP, File Zilla, FlashFXP ftp client, SecureFX ftp client, WebDrive ftp, FTP Voyager, CoreFTP, CoffeeCup Direct FTP, AutoFTP, FTP Control, FTP Navigator, 32bit FTP passwords and reveals IE Auto Complete Fields saved passwords, recovers passwords stored behind the asterisks (*****). The program also explores Visited URLs, Installed Programs and Start Run Programs on a local machine or remote computers. http://www.youtube.com/watch?v=GAX_v_8a6Rs&feature=player_embedded SpotAuditor Key Features: IE7 ( Internet Explorer 7 ) web and autocomplete password recoveryIE6 ( Internet Explorer 6) and ActiveX password uncover and removerMozilla Firefox cached passwords recoveryOpera browser password recoveryMSN messenger 6.0 - 7.5 and Windows Live Messenger 8 password recoveryWindows messenger password retrieveDialup, RAS and VPN password recovery ( administrator privileges required )Outlook Express and Microsoft Office Outlook passwords recoveryRecovers Passwords behind Asterisks (*****)RDP - Remote Desktop password decoderICQ password finderTrillian password recoveryMiranda IM password recoveryGoogle Talk ( GTalk ) password recoveryGoogle Desktop password recoveryCamfrog Video Chat and Easy Web Cam password recoveryVNC 4.xxx password recoveryWinProxy Administrator password retrieverTotal Commander ( Windows Commander ) password recoveryCoffeeCup Direct FTP password recoveryWS_FTP password recoverySmartFTP 3.x password recoveryCuteFTP password revealFlashFXP ftp password unhiderFileZilla multiple FTP accounts and proxy server passwort recovery from registry and FileZilla.xmlFTP Navigator password discovery32bit FTP password recoveryWebDrive FTP password revealerFTP Control password seekerAutoFTP password recoveryFTP Voyager password recoverySecureFX ftp client password recoveryFar ftp client password viewerFtp Now password finderCore FTP passwords retrieverFFFTP passwords recovery&RQ icq client password searcher and decrypterInternet Explorer Cache ManagerInternet Explorer Content Advisor password changer and removerInternet Explorer Cookies, History and Internet Files CleanerWebsite: http://spotauditor.nsauditor.com/ OS: Windows XP / Vista / 7 / 8 (x86-x64) Language: ML Size: 2,54 Mb.
  22. KRyLack RAR Password Recovery 3.51.62 KRyLack RAR Password Recovery is a program to recover lost or forgotten passwords to RAR (including v3.x and v4.x, SFX, multi-volume and archives with encrypted filenames) archives. Key Features: The program has a convenient user interfaceRAR Archives (All versions including v3.0 and v4.0) are supportedRAR Archives with encrypted Filenames supportedMulti-volume RAR archives supportSelf-extracting archives are supportedArchives created by various software packages are supportedThe program is very customizable: you can set the password length, the character set to be used to generate the passwords, mask character, and a couple of other optionsYou can select the custom character set for brute-force attack (non-English characters are supported)Brute-Force attackThe "brute-force with mask" attack (with custom mask character) is availableDictionary-based attack is availableAutosave password search state and resume after a stop or a crashExtract tool for ZIP, RAR and ACE archivesThe maximum password length is not limitedCPU Priority control is availableFull Skinning SupportWebsite: http://www.krylack.com/ OS: Windows XP / Vista / 7 / 8 Language: Eng Medicine: Patch Size: 4,38 Mb.
  23. selesn777

    Sticky Password Pro 7.0.5.29

    Sticky Password Pro 7.0.5.29 Sticky Password Pro - is a useful program that can reliably protect and preserve all the important personal data (such as passwords, user names, Internet pager numbers, contact details, telephone numbers, etc.). Sticky Password sticks passwords and accounts to Microsoft Windows or Web pages for which they are used. All information stored in encrypted form in the database of passwords, access to which is protected by a master password. Personal data is easily available if Password Database is unlocked. After launching a web page or application, Sticky Password automatically enters the password, user name and other personal details. Thus, you only need to remember one password to remember the rest. Sticky Password - the best solution for passwords! No need to remember all those passwordsKeep your personal information safe!Auto complete formsPhishing and keyloggersTake your passwords with you wherever you're headingMain features of Sticky Password: Defender passwords uses the latest technology and is opposed to keyloggers and other spyware. It informs the user about the attempts of computer programs and libraries to get information from other programs.The portable version allows you to have passwords at your fingertips. Sticky Password can be run from any portable device - USB disk or from a CD.Open access to the passwords using a USB or Bluetooth device. Now you do not need to enter a password.Password-protected powerful encryption algorithms, that can not be cracked in a reasonable time.Automatic form filling work for any programs and web pages. Password, login and other fields are filled in automatically if necessary.You can store multiple passwords and logins for the same account.Easy to use: you can use and modify the stored information directly from the application that uses them.Automatic database backup passwords: passwords are changed or deleted can be restored at any time.New in version added new Chrome extension using Native Messaging technology to support Chrome 31+added support for 64-bit Internet Explorer versions using UI Automation technologydiscontinued use of Internet Explorer toolbar (replaced by UI Automation solution)removed support for old browser versions (Flock, Firefox <4, Thunderbird <5, Seamonkey <2.1) using XPCOM technologyremoved automatic integration of Portable Version with desktop browsers: going forward Internet Explorer will be the default browserchanges to Master Password settings: users able to bypass recommended criteriaadded workaround for Last.fm Scrobbler crashesadded progress bar to the Export Wizardfixed the Virtual Keyboard Anti-spy feature not working when the Shift button is pressedfixed the Virtual Keyboard repainting problem when clicking Caps buttonfixed authorization method issuefixed the option to turn off Favorites in the Systray menufixed autofill on mbank.pl and other sitesmiscellaneous stability and GUI improvementsWebsite: http://www.stickypassword.com/ OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Patch Size: 17,87 Mb.
  24. RAR Password Unlocker 5.0.0.0 Efficient and Secure WinRAR/RAR Password Recovery RAR Password Unlocker is proved to be a helpful tool when you forgot WinRAR/RAR password and cannot open the RAR archives. It can recover RAR password at high speed via 3 attack options: Brute-force, Brute-force with user-defined Mask and Dictionary. Support all RAR files created by any toolsRecover RAR password faster with SSE, etc.Support multi-core CPU and GPU acceleration3 efficient password attack options availableSave password recovery process automaticallyShut down computer automatically after recovery Key Features Website: http://www.passwordunlocker.com/ OS: Windows XP / Vista / 7 / 8 Language: Eng Medicine: Patch Size: 13,44 Mb.
×
×
  • Create New...