Nearly 4.5 billion records in total collected, 542 million unique emails addresses
The New York Times reported earlier this week that a hacker group has collected 1.2 billion unique username and password credentials from 420,000 websites. The records, which were verified by a security firm, is thought to be one of the largest collections of Internet identity information reported. The publication had the data analyzed by another expert, who verified the authenticity of the collection but has not commented on the validity of the data.
About 76,000 email addresses, 4,000 encrypted passwords were publicly accessible
At the beginning of the month, Mozilla issued a release on its security blog that there had been an investigation into accidental disclosure of its database for the Mozilla Developer Network (MDN). The company discovered a problem after a web developer found out that the data sanitization process it runs on the MDN database had been failing. The result was that 76,000 email addresses of account holders, as well as the "passwords of about 4,000 users" were able to be accessed publicly.
Keeper Security offers new password manager to Mac users
Keeper Security published a press release Wednesday, announcing its launch of a new password manager for Mac. Keeper for Mac allows users to promptly sync their password records across all their devices. When login information is changed, these alterations are synced automatically. Also included is a 'sharing' feature, which allows users to grant access to specific Keeper records to other users.
Bolstered security follows large-scale attack on Evernote servers
Evernote has added three new security features to help its users keep their accounts safe. The inclusion of two-step authentication, access history, and authorized app management comes two months after the note-taking service suffered an attack by hackers, which forced the company to reset all passwords for its near 50-million user base.
Added note says password blacklist will be updated over time
A list containing passwords unusable on BlackBerry 10 devices has leaked. The list, containing what Research in Motion deems to be the most obvious passwords, appears to be designed to stop anyone from using easily-guessable passwords on the operating system. Though not a cure-all to every security threat, it does add some security by forcing users to choose more secure words, phrases, or codes than they would have previously used.
Apple, Samsung, Google engineer details in security breach
A researcher has discovered a security breach at a large professional organization for computer engineers. The Institute of Electrical and Electronics Engineers (IEEE) had left unencrypted usernames, passwords and activity of almost 100,000 of its members publicly viewable on an FTP server for the last month. Engineers from Apple, Google, IBM, Samsung, and NASA were affected, among others.
eWallet stores passwords, credit cards, accounts
Ilium Software has ported its password manager, eWallet 7.1, to the Mac platform. The software stores information with 256-bit AES encryption, tracking all of a user's passwords. eWallet owners can create complex, unique passwords instead of relying on one or two easy-to-remember combinations for financial websites. The software can also sync between a Mac and another computer or an iPhone, iPad or iPod touch. Users can store passwords, credit cards numbers, bank accounts, security verification questions and other sensitive information.
PDF Studio, CoolIris
TM Error Logger 1.2 (free) can display additional details related to Time Machine error messages. Whenever Time Machine reports an error one can use the software to find which file or folder caused the problem and be directly linked to that location in the Finder. Version 1.2 has added additional install instructions and fixed the Donate button for Intel Macs. [Download - 1.8MB]
Live Interior, PDFpen
ProteMac Meter 2.3 ($30) is a network-traffic logging application that allows users to monitor all Internet and network activity. A stopwatch function can be used to time downloads and calculate average transfer rates. Users can also set alarms that will sound if the bandwidth or time limits have been exceeded by a particular application, or if a desired traffic volume has been reached. The update includes a series of bug fixes and had added a series of Local Connections preference controls. [Download - 5MB]
Prospects 1.2 ($30) is a personal finance application that allows users to manage their finances with features such as account monitoring and budgeting. This version adds scheduled transactions and reminders, account reconciling, automatic learning of rules for payees and categories, interface enhancements, the ability to navigate and edit transactions using only the keyboard, transaction filtering, and also fixes numerous bugs. [Download - 5MB]
CheckUp, Giftory, PDFpen
A Better Finder Attributes 4.8 ($15) gives users access to attributes that are not regularly available from the Finder. Users can edit the files modification and creation date and time, allowing users to set pictures dates and times to those of when the picture was taken. Version 4.8 now allows the removal of file create and modification dates so that they display as "--" in the Finder. The new version also features improved preview and error handling. [Download - 1.1MB]
Rohos Logon Key
The first line of defense to keep unauthorized people from messing with your Mac is your password. Choose a simple password and it will be easy for you to type and remember, but also just as easy for someone else to guess. Choose a more complicated password and there’s a good chance you’ll forget or mistype it, and wind up locking yourself out of your own computer. Since passwords can be bothersome to use, consider using the Rohos Logon Key for the Mac.
ADmitMac for CAC
Thursby Software has released of ADmitMac for CAC (AFC) v2.0. AFC securely integrates U.S. Department of Defense Common Access Cards (CAC) with Macs. Using the Active Directory technology of Thursby Software's commercial ADmitMac product, AFC provides a solution for securing Macs without requiring a local password. AFC uses a single sign-on environment to Windows domains, verifying a CAC against a centralized network authority. It further validates that neither the card nor the privileges granted the user have been revoked. Using ADmitMac for CAC replaces the use of passwords with CAC/PIN security using Kerberos PKINIT.