Latest Keeper Blogs

Benjamin Caudill – a veteran penetration tester – has broken into organizations, large and small, just about everywhere. In doing so, he has exposed security vulnerabilities and numerous pathways for hackers to do their worst to unsuspecting businesses. Caudill, who was dubbed a ‘deadly force that could easily penetrate and exploit a firm’s most private

Two years ago the CIO at Quest Credit Union  had no problem extending responsibility for password management beyond just the IT department. That’s because C-suite executives were using a password management solution for personal use. Thus getting the the organization aligned with an enterprise password management solution was almost automatically a shared responsibility. There are

1) These five user passwords accounted for 3.2 million of the 130 million accounts that were stolen in the Adobe hack of 2013: “123456,” “12345678,” “Password,” “Adobe123” and “12345678.” source 2) An analysis of 11 million stolen passwords for cloud services conducted by Skyhigh Networks found that just 20 passwords constitute 10.3% of all passwords in

Regulators in New York State are proposing tough new restrictions on banks that could require them to spend millions of dollars on cyber security protection. We recommend you keep an eye on this proposed legislation in case it becomes a model for other states and industries. Among the measures in the proposed regulations, which are

Updated on November 14, 2022. Password cracking is using programs and tools to retrieve passwords stored in a computer system or sent via a network. Cracking a password may seem like a next-to-impossible task, but you’d be surprised how easy it can be. Read on to learn how password cracking works, the techniques used and

Today, the attention of both IT and business managers in organizations of all sizes is fixed on cybersecurity. The reason is simple: Absolutely no organization is immune to cyber attacks in an ever-growing threat environment. This is particularly true for SMBs. A recent major study of some 600 SMBs unearthed startling findings that more than

Written by Guest Blogger, Patty Brogdon When it comes to cyber threats, it is no longer sufficient to throw technology at the problem, as had been the practice a decade ago. Organizations today are increasingly aware that combining a multi-tiered approach to security is the best bet in keeping their critical assets protected against theft.

Security managers clearly understand the consequences of poor information security practices, but they often find it difficult to change employee behavior.  Employees typically see security as a nuisance and as a result take the path of least resistance. Making security a top of mind issue for employees involves a combination of education and behavior modeling.

by Craig Lurey, CTO at Keeper Security, Inc. – August 26, 2016 Keeper holds the security of our customers and their data as our highest priority.  To mitigate the possibility of an online clickjacking attack during a browser session, we have updated our Keeper Browser extension.  We have made two security enhancements based on the analysis provided

By Craig Lurey, CTO & Co-founder of Keeper Security Keeper is awesome for DevOps teams. Back when we first created Keeper, our goal was to build a digital vault that was ultra secure but also easy to access and use. Website passwords are just one of many types of sensitive information that Keeper can protect.

Keeper’s engineering teams are working around the clock to provide you with the strongest experience on all major platforms and devices. Today, we’re excited to bring you the latest version of Keeper Desktop. Keeper Desktop is a cross-platform password manager and digital vault providing encrypted storage and seamless cloud synchronization on Windows, Mac and Linux.

Weak passwords: there’s no excuse for them yet we still see so many people using them.  It is often disregarded as unimportant and a result of not having a nominal level of security education and awareness. Weak passwords and password reuse account for over 70% of all computer and internet account breaches. People hate creating

2015 was a record breaking year for data breaches impacting almost every sector – healthcare, education, financial services, retail, the federal government and more. During the first three quarters of the year, over 3,000 data breaches were reported. Of course, the most eye-opening breach of all was at the Office of Personnel and Management (OPM),

Keeper has removed its Wi-Fi syncing feature. We’re now auto-enabling our Cloud-based Internet Syncing feature for all users. This is great news for users – it simplifies the user experience, reduces confusion, enhances the product and increases security. Keeper’s Internet Sync feature is the most secure way to sync information between your devices and protect

‘Tis the season for holiday shopping and hackers! As Black Friday and Cyber Monday approach us, the two biggest shopping days of the year, it’s imperative that consumers everywhere follow some simple steps to protect themselves and their wallets. This level of security awareness should not only apply during the holiday season but ALL the

Professional hackers at SkyCure have discovered a major security vulnerability in iOS, that allows a malicious WiFi hotspot to launch a DDoS (Distributed Denial-of-Service) attack.  The ‘No iOS Zone’ flaw, works by exploiting the SSL security certificate of iOS 8 that leaves a device wide open. The SkyCure CEO said, “This is not a denial-of-service

A security researcher, Kamil Hismatullin, discovered a major flaw in the YouTube API that allowed people to delete any videos on YouTube.   He was searching for YouTube vulnerabilities to report to Google for a cash reward when he found this code: POST https://www.youtube.com/live_events_edit_status_ajax?action_delete_live_event=1 event_id: ANY_VIDEO_ID session_token: YOUR_TOKEN   In order for someone to delete the video, all

On Sunday, Yahoo launched a new service called “on-demand” passwords, which lets someone log into a Yahoo account using a unique, one-time code that is delivered via text message.  It’s basically two-factor authentication without the first step. Sounds interesting, but it begs the question, how secure are on demand passwords? The whole point of multi-factor

Google’s expert team of hackers at Project Zero have discovered a serious flaw in modern DRAM devices.  The flaw encourages computer vendors to cough up more information about hardware flaws, and is exploitable on x86 laptops.  Google is encouraging vendors to release information about affected devices so that researchers and further evaluate the rowhammer problem.

Lenovo’s website was hacked yesterday. Just a week after it was announced that Lenovo was installing “Superfish” adware on its factory-fresh laptops, the Lizard Squad has hacked the Lenovo.com website and turned it into a slideshow of webcam images set to pop music.  This is the same group that took down the Playstation Network and Xbox Live