Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2024

Can 2FA Stop Hackers?

Yes, Two-Factor Authentication (2FA) can stop hackers from accessing your accounts, but it’s not entirely foolproof and some forms of 2FA are stronger than others. 2FA is a type of Multi-Factor Authentication (MFA) that requires two authentication factors. With 2FA, you will need your username, password and another authentication method before you can access an online account.

How Keeper Helps Businesses Comply With the New CMMC Ruling

With the Cybersecurity Maturity Model Certification (CMMC) 2.0 now finalized by the U.S. Department of Defense (DoD), contractors and suppliers across the Defense Industrial Base (DIB) must ensure they meet stricter cybersecurity standards to maintain eligibility for DoD contracts. Achieving and maintaining CMMC compliance is no small task — it requires robust security protocols, continuous monitoring and strict control over access to sensitive information.

What's New With Keeper | October 2024

Passphrases are quickly emerging as a user-friendly alternative to traditional passwords. Earlier this year, Keeper integrated a passphrase generator into our web vault. Now, our users can take advantage of this ultra-secure, convenient functionality on our Android mobile app and KeeperFill Browser Extension, with iOS coming soon. Like Keeper’s password generator, you can generate a passphrase within your vault or record screen with a simple click of the dice.

What To Do if Your Child's Social Security Number Is Stolen

As a parent, you always want to protect your child from risks, including those that could jeopardize their well-being and safety. Getting your own Social Security number (SSN) stolen is stressful enough, but when your child’s SSN is compromised, you will want to act quickly to protect their identity. According to data from the Federal Trade Commission (FTC), 3% of all identity theft reports in the first half of 2024 were for children 19 years old and younger.

How To Stop Spam Emails

To stop receiving most spam emails, you can report them, block spam email addresses, make a burner email account and remove third-party account access. Spam emails are unwanted messages sent to many people, usually to advertise an item or service. According to Statista, approximately 46% of email traffic as of December 2023 could be classified as spam.

What Is a Black Hat Hacker?

A black hat hacker is a cybercriminal who accesses your computer systems and network without your knowledge to steal data, disrupt systems and extort money. Black hat hackers try to take advantage of an organization’s security vulnerabilities to gain unauthorized access to software, systems and networks. Once they gain access to an organization’s data, black hat hackers may hold the data for ransom or sell it to other businesses or cybercriminals.

RBAC vs ABAC: Which Should You Use?

The main difference between Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) is how they grant access to users and resources. RBAC focuses on granting access to users based on their roles within an organization, while ABAC grants users access based on their characteristics, such as their environment. Continue reading to learn more about RBAC and ABAC, their crucial differences and which form of access control your organization should use.

Is Venmo Safe?

Yes, Venmo is generally safe to use; however, there are always risks when using the mobile payment app. Some risks you should be aware of include Venmo scams, account compromises and data breaches. Typically, people use Venmo to pay friends back when they owe money or split the bill at a restaurant. Although Venmo allows you to send and receive money, it is much safer to use the app when transactions are made with people you know and trust.

The Work Doesn't End After Cybersecurity Awareness Month

Each October, the cybersecurity industry recognizes Cybersecurity Awareness Month, an international initiative first launched by the National Cybersecurity Alliance in 2004 to provide education about online safety and empower individuals and businesses to protect their data from cybercrime. This October, Keeper Security took this important commemorative month one step further. We decided that it’s time to move from knowing digital risks to taking decisive action to prevent damaging cyber attacks.

Introducing Passphrase Capabilities on Android

To generate a passphrase for a new or existing record on Android, tap the dice icon, select the dropdown menu next to “Type” and select Passphrase. You can customize your passphrase by setting the length, including capitals and numbers in the passphrase, and choosing from various symbols to separate the words. Passphrases can be up to 20 words long, with a minimum length of 5 words and each word including at least 3 characters. Check the box if you'd like to make your selections the default setting for all passphrases moving forward. Tap Use Passphrase or Copy Passphrase when you are done.

Does Your Computer Have a Virus? Here Are Ten Warning Signs

You can tell if your computer has a virus by looking for warning signs, such as slower performance speed, increased pop-ups, frequent crashes or freezes, reduced battery life and unfamiliar files. A computer virus is a type of malware that requires user interaction to infect your computer. Computer viruses can disguise themselves as email attachments in phishing scams, illegitimate files, altered code or pirated software.

What Is Credit Monitoring and Is It Worth It?

Credit monitoring is a service that tracks any changes made to your credit reports that could be signs of fraud or identity theft. It is helpful to be alerted in real time to any new accounts being opened in your name, changes to your credit or missed payments. Continue reading to learn what credit monitoring does, if it’s worth it and how to protect yourself from becoming a victim of fraud and identity theft.

Introducing the Risk Management Dashboard

The Keeper Risk Management Dashboard is a powerful feature of the Keeper Admin Console that provides comprehensive security posture information covering end-user deployment, utilization, cloud configuration, and event monitoring. This critical data helps administrators ensure that risks are remediated and compliance is enforced effectively.

Keeper Improves Security Audit and Browser Extension Functionality

Keeper Security is pleased to announce significant improvements to the Security Audit tab of the Admin Console for business users, as well as the Browser Extension for organizations and individuals alike. The updates include a refreshed User Interface (UI) for both, new functionality to refresh and reset Security Audit scores, the ability to generate a passphrase via the Browser Extension and more.

Is Apple's Passwords App Safe?

Apple’s new Passwords app is only as secure as your device since it can be accessed using your phone’s passcode. If you have an easy-to-guess passcode, such as one with four digits, consecutive numbers or personal details like your birthday, it places your passwords at a greater risk of being accessed by an unauthorized person. A standalone password manager, like Keeper does not permit vault login with a passcode.

Can You Erase Your Digital Footprint?

No, you cannot erase your digital footprint, but you can reduce it by deleting inactive accounts, opting out of people search sites and adjusting your privacy settings. Your digital footprint is a collection of data left behind by your unique online activity, ranging from what you post on social media to what you browse on the internet.

What Is SCIM Provisioning and How Does It Work?

System for Cross-domain Identity Management (SCIM) provisioning is a tool that helps simplify the management of user information across different systems. The information needed on multiple devices or systems will be the same, so instead of a user entering their information over and over again to access data, SCIM connects their identity with your organization’s various systems. Keep reading to learn the ways SCIM provisioning can be used, how it works and its benefits.

Can Google Ads Be Scams?

Yes, it is possible for Google Ads to be scams. According to the 2023 Google Ads Safety Report, Google successfully blocked and removed over five billion fake ads and suspended almost 13 million advertiser accounts. Even though fake Google Ads are prohibited by Google’s policies, many phony ads go undetected if no one reports them, which could lead to you falling for their scams.

What Is the Digital Operational Resilience Act (DORA)?

The Digital Operational Resilience Act (DORA) is a regulation that strengthens digital security among financial institutions in the European Union (EU). Although DORA came into effect in 2023, it will be fully adopted by all EU financial entities and third-party service providers of Information Communication Technologies (ICT) beginning in January 2025 to improve their defenses against potential cyber threats.

The Importance of Data Security in Healthcare

Data security is crucial in the healthcare industry because protecting patients’ medical information prevents unauthorized users from obtaining private data. Since patients’ medical data contains their medical history, prescriptions and diagnoses, an unauthorized user who gains access to this data could use it to commit identity theft and medical insurance fraud.

What Is Password Rotation?

Password rotation is the practice of changing and resetting passwords at regular intervals to minimize security risks and unauthorized access to private information. There are two main types of password rotation: manual and automatic. Manual password rotation refers to the process of changing a password yourself, while automatic password rotation relies on a system to generate a new password and replace the old one.

Take Action This Cybersecurity Awareness Month With Four Essential Steps

As we embrace October, it’s time not just to passively celebrate Cybersecurity Awareness Month – it’s time to actively engage in it. At Keeper Security, we believe that while awareness is important, the time has come to move swiftly and proactively against evolving cyber threats. With advancements in Artificial Intelligence (AI), cybercriminals are weaponizing sophisticated tools to launch targeted attacks at a massive scale.

How Do You Know if Your SSN Is Being Used?

To find out if someone else is using your Social Security number (SSN), you should check your credit reports, review your mySocialSecurity account and be cautious of calls from debt collectors. The idea of a stranger having such sensitive information about your identity can be terrifying. You may even be a victim of the recent data breach in which over 2.9 billion pieces of personal data were stolen from National Public Data.

What Can Someone Do With Your IP Address?

Once someone knows your IP address, they can determine your approximate location, track your online activity, impersonate you or conduct targeted DDoS attacks. Most cybercriminals will use your IP address to learn more personal information about you through phishing attacks, which can be used to identify and impersonate your internet provider.

Keeper Named a G2 Leader in Multiple Cybersecurity Categories, Fall 2024

Keeper Password Manager was rated as a leading enterprise, mid-market and small business password manager for Fall 2024 by users on G2, the world’s largest and most trusted software marketplace. Keeper Security was also named a leader in password management globally, with distinctions in the Europe, Middle East and Africa (EMEA), Canada and Asia-Pacific regions, and named a high performer and momentum leader across 10 cybersecurity categories, earning a total of 53 badges.

How To Protect Your Debit Card From Being Hacked

You can protect your debit card from being hacked in several ways, such as using your credit card for purchases instead of your debit card, securing your bank accounts with strong passwords and using secure networks for online purchases. Debit card fraud can occur through phishing attacks, data breaches, card skimming or even theft of your physical debit card. If your debit card is hacked, it can lead to your money and identity being stolen.

Introducing Landscape Mode, Passphrases and Other Improvements to KeeperFill

Introducing Landscape Mode, Passphrases and Other Improvements to KeeperFill Intro KeeperFill is Keeper’s powerful, autofilling feature that works across all devices, allowing you to automatically and securely fill your usernames, passwords, passkeys, 2FA codes and more into the sites you visit.

Privileged Access Management Use Cases

There are several use cases for a Privileged Access Management (PAM) solution, including secure remote access, credential management and least-privilege access enforcement. PAM helps organizations manage the access of authorized accounts to highly sensitive data, including IT departments, HR or staff who handle payroll systems. Continue reading to learn more about the different use cases for PAM and why you should choose KeeperPAM as your PAM solution.

PIM vs PAM: What's the Difference?

The main difference between Privileged Identity Management (PIM) and Privileged Access Management (PAM) is their varying focuses. PIM ensures that users have necessary access based on their identity, while PAM stops unauthorized users from accessing sensitive information. Continue reading to learn more about PIM and PAM, in addition to what distinguishes them from each other.

Is Jailbreaking Your iPhone Safe?

No, jailbreaking your iPhone is not safe and can result in your personal information being stolen, your phone becoming infected with malware and your software malfunctioning. When you jailbreak your iPhone, you increase the number of security vulnerabilities that cybercriminals can exploit to access your private information. Continue reading to learn what jailbreaking is and why you should never jailbreak your iPhone.

How To Prevent Man-in-the-Middle Attacks

You can prevent Man-in-the-Middle (MITM) attacks in your organization by investing in a password manager, using a VPN, monitoring your network and training employees on security best practices. MITM attacks occur when a cybercriminal intercepts private data sent between two businesses or individuals to steal or alter the data with malicious intent.

How To Spot Fake Ads on Facebook

You can spot fake ads on Facebook if you notice that the ads feature very inexpensive products, poor-quality images, spelling mistakes or a lack of clear branding. Fake Facebook ads aim to trick you into sharing your personal information or paying for items that don’t exist. Continue reading to learn some of the most common signs of fake Facebook ads, how to avoid falling for these fake ads and what to do if you have already been scammed by them.

What To Do if a Scammer Has Your Phone Number

If a scammer has your phone number, you should lock your SIM card, secure your online accounts with strong passwords and block spam calls from your phone. With your phone number, scammers can do several things, including target you with phishing attacks, spam calls, spoofing attacks and SIM swapping. These kinds of cyber attacks can lead to your personal information being compromised and even your identity being stolen.

Can I Remove My Information From the Dark Web?

Unfortunately, once your information has been put on the dark web, you cannot remove it. Despite this, you can still protect your personal information and identity by changing your passwords, enabling Multi-Factor Authentication (MFA) and monitoring your online accounts for suspicious activity. Continue reading to learn how to tell if your information is on the dark web and what you can do to protect yourself if it is.