Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2024

What Is One-Time Share and What Are Its Benefits?

One-Time Share is a feature Keeper® Password Manager offers that allows users to securely share passwords and other sensitive data with anyone on a time-limited basis. When using One-Time Share, the recipient does not have to be a Keeper user themselves, making it convenient to securely share sensitive information with anyone. Continue reading to learn more about One-Time Share and the benefits of using this feature when sending sensitive logins and other data.

Recovering From a Data Breach: What You Should Do

Your data that’s stored with an organization you trusted could become exposed due to a targeted cyber attack or data breach. If your data was part of a public data breach, you need to change any compromised passwords, monitor your accounts for suspicious activity, freeze your credit and notify any relevant parties of the data breach. Continue reading to learn more about data breaches, how to recover from a data breach and how to prevent future data breaches from happening.

Can Someone Hack Your Zelle With Your Phone Number?

Yes, it is possible for someone to hack your Zelle account with your phone number if you use your phone number as a method of authentication for the Zelle app. This is possible due to a cyber threat known as a SIM-swapping attack. However, this shouldn’t be a cause for panic, as there are security measures you can take to prevent this from happening.

How To Detect and Prevent an Attacker's Lateral Movement in Your Network

To detect lateral movement, organizations need to identify abnormal network activity, map lateral movement paths, analyze user behavior and verify unknown devices. If left unnoticed, lateral movement can often lead to data breaches and the loss of highly sensitive data. Organizations can prevent lateral movement within their network by enforcing least privilege access, implementing zero trust, segmenting networks and investing in a PAM solution.

Expedite CMMC With Keeper Security

The U.S. Department of Defense (DoD) introduced its Cybersecurity Maturity Model Certification (CMMC) program in early 2020. CMMC is a security framework and assessor certification program designed to ensure that all Defense Industrial Base (DIB) contractors meet at least basic cybersecurity requirements for handling Controlled Unclassified Information (CUI), which includes compliance with a variety of standards published by the National Institute of Standards and Technology (NIST).

How To Avoid Scams on Facebook Marketplace

You can avoid scams on Facebook Marketplace by only using secure methods of payment, looking at buyer and seller reviews, inspecting an item closely before purchasing it and only communicating through Messenger. While Facebook Marketplace is a great way to find clothes, furniture and other items at discounted prices, there comes the risk of being scammed on the platform, making it crucial to be extra cautious as both a buyer and a seller.

Twelve Common Types of Malware

Malware is malicious software that cybercriminals use to infect a victim’s device. Cybercriminals use malware to gain control of the device, damage it or steal sensitive information. They use different types of malware to infect and exploit a user’s device. Some common types of malware include ransomware, Trojans, spyware and keyloggers. Continue reading to learn more about these types of malware, how they get delivered and how to stay protected from them.

How to Securely Share Passwords With Friends and Family

You can securely share passwords with friends and family by using a password manager. A password manager is a tool that aids users in creating, managing, securely storing and sharing their passwords. Some password managers also allow you to securely share additional sensitive data such as paperwork and credit card details Continue reading to learn the importance of sharing passwords securely and how a password manager can help.

Seven Signs a Job Offer Is a Scam

While looking for a job, you have to be careful about which jobs you apply to and avoid job offer scams. Some signs of a job offer scam are if the recruiter asks for personal information before hiring you, the job seems too good to be true, the company wants you to pay for something, or if communication is unprofessional. Continue reading to learn more about job offer scams, why they are dangerous, how to tell if a job offer is a scam and how to stay protected against them.

Why Higher Education Needs to Prioritize Cybersecurity in 2024

The frequency and severity of cyber attacks has increased dramatically since 2020, and the trend looks to continue in 2024. For the last four years, the education sector has been among the top five industries targeted by criminals. In fact, a recent cybersecurity report noted that ransomware attacks affected 79 percent of higher education providers in 2023, up from 64% in 2022.

What You Should Know About SOC 2 Compliance

SOC 2 – which stands for System and Organization Control 2 – is a cybersecurity compliance framework that specifies how third-party service providers should store and process organizational and client data. SOC 2 is part of the American Institute of Certified Public Accountants’ (AICPA) SOC reporting framework and utilizes the AICPA Statement on Standards for Attestation Engagements No. 18 (SSAE 18) standard.

How To Stay Safe From Gift Card Scams

You can stay safe from gift card scams by checking gift cards for physical tampering before purchasing them and avoiding requests that ask you to purchase gift cards as a form of payment. While gift cards are a common gift that many people choose to give each other, they are also commonly used by scammers for financial gain. According to the Better Business Bureau, gift card scams increased 50% from 2022 to 2023 with losses from January to September 2023 totaling $147 million.

What Is a Botnet?

A botnet is a network of infected devices known as bots, which are controlled by a single attacking party known as a bot herder. Botnets are made up of Internet of Things (IoT) devices such as computers, mobile devices, network routers and smart TVs. Botnets are used to carry out time-consuming cyber activities such as managing online chatrooms or tracking internal data. However, cybercriminals can use botnets for malicious purposes such as launching large-scale cyber attacks and stealing sensitive data.

Malware vs Virus: What's the Difference?

The main difference between malware and viruses is that malware is an umbrella term used to describe all types of malicious software, whereas viruses are a specific type of malware. In other words, all viruses are malware but not all types of malware are viruses. Continue reading to learn what malware is, what a virus is, the key differences between the two and how you can protect yourself against all types of malware, including viruses.

Keeper Now Supports Hardware Security Keys as a Single 2FA Method

While support for hardware security keys is not new to Keeper, historically users were required to have a backup Two-Factor Authentication (2FA) option in addition to using a security key. Keeper is excited to announce support for user authentication leveraging only a hardware security key as the 2FA method, without requiring a backup option.

What Happens if You Answer a Spam Call?

If you accidentally answer a spam call, scammers know your number is connected to a real person and can target you with more spam calls. These targeted spam calls will try to trick you into giving up your personal information which allows cybercriminals to steal your money, your identity and even your voice. You should avoid answering spam calls to help prevent cybercriminals from trying to steal your personal information.

Security Key as the Only 2FA Method

Two-Factor Authentication or “2FA” provides an extra layer of security when logging into your Keeper Vault. While support for hardware security keys for 2FA is not new to Keeper, historically, users were required to have a backup method in addition to a security key. Keeper Administrators now have the ability to enforce the use of a hardware-based security key as the only two-factor method via a role enforcement policy setting.

What Is Cyber Extortion?

Cyber extortion is a category of cybercrime that involves digitally threatening or coercing someone to do something against their will. Cyber extortion typically disables an organization’s operations or exposes an entity’s valuable assets such as confidential data, intellectual property or infrastructure systems. A cybercriminal will then threaten organizations or individuals to pay a ransom to prevent further cyber attacks or regain access to their sensitive files or operations.

Types of Password Attacks

Some of the most common types of password attacks include password cracking, password spraying, dictionary attacks, credential stuffing, brute force and rainbow table attacks. The better your password habits are, the less susceptible you are to password attacks. Keeper’s Password Management Report found that only 25% of respondents use strong, unique passwords for every account – meaning that 75% of respondents place their accounts at risk of being compromised due to weak passwords.

What Is the Internet of Things (IoT)?

The Internet of Things (IoT) refers to the network of physical objects – “things” – that connect and share data with the internet, other IoT devices and the cloud. IoT devices are often embedded with sensors, software and other technologies to exchange data with other devices and systems when connected to the internet. IoT devices include smart home devices like doorbell cameras and light bulbs.

Why Do Hackers Want Medical Records?

Hackers want stolen medical records to commit identity theft, use the stolen data as a ransom, sell it on the dark web or impersonate the victim to receive medical services. Medical records are valuable to cybercriminals as they allow cybercriminals to commit fraud and go undetected longer than they can with other Personally Identifiable Information (PII).

Keeper Security Introduces Granular Sharing Enforcements

Keeper Security is excited to introduce Granular Sharing Enforcements for all products in the Keeper® platform. This feature, an extension of Keeper’s robust existing sharing policies, enables administrators to apply detailed restrictions for record creation and sharing to user roles. By doing so, Keeper Admins can easily enforce the principle of least privilege and simplify compliance.

What To Do if You Get Scammed While Shopping Online

Online shopping has allowed buyers to find bargains and conveniently purchase from retailers all over the world. However, cybercriminals take advantage of the anonymity of online shopping to scam online buyers. If you get scammed while shopping online, you need to contact your credit card issuer, freeze your credit, change any compromised passwords, contact the online marketplace and report the scam to the FTC.

Are Passkeys Phishing-Resistant?

Yes, passkeys are phishing-resistant because they are built on the WebAuthn standard which is an authentication standard that uses public key cryptography to authenticate a user’s identity before they’re able to log in to their account. Continue reading to learn more about what makes passkeys phishing-resistant, plus the additional benefits of signing in to your accounts with passkeys over passwords.

What To Do if Your Online Accounts Keep Getting Hacked

If your online accounts keep getting hacked, you should scan your computer for malware, update your account passwords, enable MFA, check your account’s settings for suspicious changes, change your account’s security questions and place a fraud alert on your credit report. Continue reading to learn the signs that point to your online account being hacked, steps to take when your account is hacked and how to prevent your account from being hacked again.

What Is Digital Identity?

Digital identity refers to the collection of data that represents an entity online. Digital identity can represent users, organizations or electronic devices and consists of their accounts, credentials, certificates, behaviors and usage patterns. In Identity Access Management (IAM), digital identity is needed to authenticate a user and authorize their permissions to access sensitive data.

Computer Worm vs Virus: What's the Difference?

The main differences between a worm and a virus are how they spread and how they are activated. Worms spread automatically to devices through a network by self-replicating, whereas viruses spread by attaching themselves to files or programs. Worms don’t need human interaction to activate and infect a device, whereas viruses do. Continue reading to learn more key differences between worms and viruses and how to keep your devices and data safe from both types of malware.