Welcome to The Dashlane Tech Check for March 10, 2017!  I’ll help you catch up on Dashlane-related news and the big news in the tech industry. And just for fun, I’ll include a useful lifehack that will keep you safe and secure all year long.

What in the (Security) World?

Here’s what made headlines this week in the world of digital identity, security, and privacy:

Wikileaks releases information on alleged CIA hacking tools

 

The Central Intelligence Agency (CIA) is scrambling to mitigate the damage caused when WikiLeaks published a trove of documents on alleged CIA hacking programs. Dubbed “Vault 7”, this is the first release in a series of releases known as “Year Zero” and promises to be the largest publication of confidential CIA documents ever, according to WikiLeaks. Here are 5 big revelations for the documents disclosed in the leak:

  • The CIA allegedly built malware that targets iPhones, Androids, and smart TVs.
  • The CIA allegedly developed multi-platform malware targeting Windows, Mac OS X, Solaris, Linux and more, such as EDB’s “HIVE” and the related “Cutthroat” and “Swindle” tools.
  • The CIA allegedly did not disclose serious security flaws to manufacturers like Apple, Microsoft, Google, and other US-based manufacturers, breaking a commitment made from the Obama administration. 
  • CIA hackers allegedly operated a “hacker base” out of the Frankfurt consulate in Germany
  • The CIA allegedly laid out rules on how the “CIA, US government, or its witting partner companies” can avoid being implicated in a “forensic review”.

For more information, click here to read the Hacker News’ breakdown of the 10 things you should know about the Vault 7 cache.

There is no absolute right to privacy” says FBI Director 

In a keynote speech at the Boston Conference on Cyber Security, FBI Director James Comey avoided questions about the CIA leak, but did discuss his views on strong encryption. In response to secure messaging applications like Signal and WhatsApp gaining in popularity, Comey said: “These apps are now a default feature of much less sophisticated actors, drug dealers, bank robbers, pedophiles, some terrorists. Their shadow is spreading across more of our work.” He also defended the U.S Government’s right to invade one’s privacy–with good reason. “There is no absolute right to privacy,” Comey said, adding, “with respect to default, strong encryption, it changes that bargain, and shatters it, in my view.” Read more.

Fortune 1,000 companies are twice as likely to be breached, says new study

Infosecurity Magazine covered a new study from BitSight researchers, which found that least one out of every 20 Fortune 1,000 companies has experienced a data breach in the last 15 months. The study also found the security performance of those Fortune 1000 companies’ has declined overall. Learn more.

Employees are still not aware of the security risks associated with BYOD devices in the workplace 

 

Infosecurity Magazine also covered a study from Symantic, that found that approximately three in four British workers use their personal devices for work, but 13 percent of them have no idea what the security status of their device is and only 15 percent enable automatic security settings updates. Read more.

Breach Alerts

One Million Gmail and Yahoo credentials are for sale on the dark web

 

According to Computer Weekly, roughly one million Gmail and Yahoo credentials are up for sales on the dark web. The data up for sale includes usernames, email addresses, and plaintext passwords for over a million accounts, sourced from various data breaches in recent years. Learn more.

#Spammergate: A spam list leaked almost 1.4 billion emails and IP addresses

Ever wondered how those robotic spam emails manage to get your information? “Automation, years of research, and fair bit of illegal hacking techniques” says a team of investigators from the MacKeeper Security Research Center, CSOOnline, and Spamhaus. MacKeeper released information about the sketchy marketing firm River City Media’s failure to secure a database containing almost 1.4 billion email accounts, full names, IP addresses, and often physical addresses. Learn more.

Dashlane News You Shouldn’t Snooze

Snapchat star recommends Dashlane after his account gets hacked 

Photo credit: Frockadvisor

Snapchat star and co-founder of Currabinny James Kavanagh spoke to Xpose about his social media profile being hacked. He admits that he protected his Snapchat account with a weak password and his entire account was dissolved “in the blink of an eye.” In the wake of the incident, Kavanagh has learned to change his passwords monthly and use a password manager! “Also, I downloaded Dashlane for free for my laptop and phone, he said” “It’s a fab password manager that works from a master password. Give it a whirl.” Read more.

Dashlane is one of 6 tools recommended for “Digital Nomads”

Fast Company writer Tiffany Sun recommended 6 tools she simply can’t live without as a “digital nomad”. Number four on her list: Dashlane! Sun says that she looked for and tried dozens of apps to boost her productivity, but struggled to remember her passwords for all of them. “Don’t be like me and wreck your brain,” she says. “Get Dashlane. It stores all of your passwords and automatically fills them in for you”. Read more.

This Week’s Lifehack to Improve Your Security

This Thursday was International Women’s Day! To celebrate, the women of Dashlane got together to discuss many important issues, including one we’re uniquely passionate about–security. To spread awareness about the unique security risks women face online, we wrote a blog post made for women (by women) on with tips and tools to protect yourself on and offline. We highly recommend sharing this with your friends, family, and close colleagues!


Have any thoughts on any of the news I shared? Leave me a comment below and make sure to visit our blog next week for another edition of The Dashlane Tech Check.

Also, don’t forget to follow us on Twitter to always be in the know! In our last Tech Check, we told you about the Yahoo breach you didn’t hear about in the news and tell you what caused the Amazon AWS S3 outage that caused major headaches for several websites and apps.

Here’s more news you can use:
ZDNet wants you to stop calling everything a “hack!” Here’s why.
Would you give the feds access to your encrypted messages? 46 percent of Americans said…
Would you give the fed access to your encrypted messages? 46 percent of Americans said…
The Mozilla dinosaur is officially extinct! See their geeky new logo.