Critical PGP and S/MIME bugs can reveal encrypted e-mails. Uninstall now

Happy Monday.

The Internet’s two most widely used methods for encrypting e-mail–PGP and S/Mime–are vulnerable to hacks that can reveal the plaintext of encrypted messages, a researcher warned late Sunday night. He went on to say there are no reliable fixes and to advise anyone who uses either encryption standard for sensitive communications to remove them immediately from e-mail clients.

Read the full article at arstechnica.com.

Think You’ve Got Your Credit Freezes Covered? Think Again.

This is infuriating! Equifax has a handy little backdoor way of getting around credit freezes to still make money off of our data. (Not to mention the other companies that have easy access without much oversight.)

I spent a few days last week speaking at and attending a conference on responding to identity theft. The forum was held in Florida, one of the major epicenters for identity fraud complaints in United States.

Read the full article at krebsonsecurity.com.

Introducing Watchtower 2.0: The turret becomes a castle

My favorite password manager gets even better. Check out the new features designed to help you keep your passwords secure.

Introducing the all new Watchtower – it is absolutely gorgeous, and appears to be rather timely! Twitter asked their 330 million users to change their password yesterday due to a security snafu, putting privacy and security at the forefront of everyone’s mind once again.

Read the full article at blog.agilebits.com.

Report: Chinese government is behind a decade of hacks on software companies

Even hackers risk impact from poor operational processes.

Researchers said Chinese intelligence officers are behind almost a decade’s worth of network intrusions that use advanced malware to penetrate software and gaming companies in the US, Europe, Russia, and elsewhere.

Read the full article at arstechnica.com.

OMG! WiFi has been hacked! The World is Ending!

Sorry for the drama, but I needed to get your attention. Over the next several days (likely starting today), you’re going to hear breathless stories from all sorts of media outlets (newspapers, cable news, Twitter, etc.) saying that most WiFi connections can easily be hacked.

DON’T PANIC.*

Researchers have found a flaw that could allow hacking of the most-used type of WiFi. But, they don’t believe hackers are using this technique yet. Also, most people should think about how likely it is that someone would try to hack their home WiFi. Read more

Do You Two-Step?

Oh the joy of being online – more than 1 billion Yahoo accounts hacked, celebrities getting their photos stolen after falling victim to email schemes, login information for 167 million LinkedIn accounts was stolen – the list goes on and on.

Even if you follow my advice for creating secure passwords, there’s not much you can do when a site you use gets hacked – or is there? That’s where two-step (also called two-factor) authentication can help. Read more