Asus was warned of hacking risks months ago, thanks to leaky passwords

A security researcher warned Asus two months ago that employees were improperly publishing passwords in their GitHub repositories that could be used to access the company’s corporate network. One password, found in an employee repo on the code sharing, allowed the researcher to access an email account used by internal developers and engineers to share […]

View More Asus was warned of hacking risks months ago, thanks to leaky passwords

Facebook admits it stored ‘hundreds of millions’ of account passwords in plaintext

Flip the “days since last Facebook security incident” back to zero. Facebook confirmed Thursday in a blog post, prompted by a report by cybersecurity reporter Brian Krebs, that it stored “hundreds of millions” of account passwords in plaintext for years. The discovery was made in January, said Facebook’s Pedro Canahuati, as part of a routine […]

View More Facebook admits it stored ‘hundreds of millions’ of account passwords in plaintext

Get £80 off Sticky Password — the ultimate password manager

TwitterFacebook

The weekend is over, but we have a deal to help you start the week with a skip in your step.

You can now secure Sticky Password Premium for just £34.99 until March 25. That’s 70% cheaper than the usual list price of £114.99, saving you a massive £80. This offer is valid for one user over a whole lifetime.

So what exactly is Sticky Password? Put simply, it’s the ultimate password manager. Put less simply, Sticky Password manages all your passwords and personal data, automatically logs you in to sites, fills in every form for you, and generates extra-strong new passwords for you. 

You are right to worry about your data, but you needn’t fret with Sticky Password. Your data is secured with military-grade AES-256 encryption. This is the world’s leading standard of encryption, meaning your master password for the manager is not known to anyone – not even to Sticky Password. Read more…

More about Password, Data Privacy, Password Manager, Mashable Shopping, and Shopping Solo

View More Get £80 off Sticky Password — the ultimate password manager

Outdoor Tech’s Chips ski helmet speakers are a hot mess of security flaws

Sometimes the “smartest” gadgets come with the shoddiest security. Alan Monie, a security researcher at U.K. cybersecurity firm Pen Test Partners, bought and tested a pair of Chips 2.0 wireless speakers, built by California-based Outdoor Tech, only to find they’re a security nightmare. The in-helmet speakers allow users to listen to music on the go, […]

View More Outdoor Tech’s Chips ski helmet speakers are a hot mess of security flaws

ClassPass, Gfycat, StreetEasy hit in latest round of mass site hacks

In just a week, a single seller put close to 750 million records from 24 hacked sites up for sale. Now, the hacker has struck again. The hacker, whose identity isn’t known, began listing user data from several major websites — including MyFitnessPal, 500px and Coffee Meets Bagel, and more recently Houzz and Roll20 — earlier this week. […]

View More ClassPass, Gfycat, StreetEasy hit in latest round of mass site hacks

Hacker who stole 620 million records strikes again, stealing 127 million more

A hacker who stole close to 620 million user records from 16 websites has stolen another 127 million records from 8 more websites, TechCrunch has learned. The hacker, whose listing was the previously disclosed data for about $20,000 in bitcoin on a dark web marketplace, stole the data last year from several major sites — […]

View More Hacker who stole 620 million records strikes again, stealing 127 million more

Lenovo Watch X was riddled with security bugs, researcher says

Lenovo’s Watch X was widely panned as “absolutely terrible.” As it turns out, so was its security. The low-end $50 smart watch was one of Lenovo’s cheapest smart watches. Available only for the China market, anyone who wants one has to buy one directly from the mainland. Lucky for Erez Yalon, head of security research at […]

View More Lenovo Watch X was riddled with security bugs, researcher says

Thousands of industrial refrigerators can be remotely defrosted, thanks to default passwords

Security researchers have found thousands of exposed internet-connected industrial refrigerators that can be easily remotely instructed to defrost. More than 7,000 vulnerable temperature controlled systems, manufactured by U.K.-based firm Resource Data Management, are accessible from the internet and can be controlled by simply plugging in its default password found in documentation on the company’s website, […]

View More Thousands of industrial refrigerators can be remotely defrosted, thanks to default passwords

Have your passwords been stolen by hackers? New Chrome extension will let you know

If you have multiple online accounts (you probably do), and you’ve been on the internet for more than a few years, chances are at least some of your passwords have ended up in the wrong hands. Proof: Huge databases of stolen email/password combinatio…

View More Have your passwords been stolen by hackers? New Chrome extension will let you know

Houzz resets user passwords after data breach

Houzz, a $4 billion-valued home improvement startup that recently laid off 10 percent of its staff, has admitted a data breach. A reader contacted TechCrunch on Thursday with a copy of an email sent by the company. It doesn’t say much — such as when the breach happened, or if a hacker to blame or if […]

View More Houzz resets user passwords after data breach

Meet the little-known Chinese WiFi startup that rubs shoulders with WeChat and Alipay

A service that connects people to WiFi hotspots for free turned out to be one of China’s most popular apps, nestling in the top ranks with Tencent’s WeChat messenger and Alibaba’s digital wallet affiliate Alipay. According to a report from app tracking service App Annie, WiFi Master Key was China’s fifth-largest app and the world’s ninth […]

View More Meet the little-known Chinese WiFi startup that rubs shoulders with WeChat and Alipay

A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts

A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise. The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter […]

View More A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts