Review: Keepass

Keepass is a Password Manager, which helps you to remember your password and make secure passwords for you. Securing your online accounts is becoming more and more important, and using unique passwords for each account is very important to avoid that your other accounts get hacked when a single website or service leaked your information. This way it will only compromise the account of the website or service that was breached, and not your other online identities and accounts.

You can also store notes or text inside the database and protect it, which could be useful for order numbers, messages, logs, financial information, …
Keepass also supports the encryption of files through its Attachment system, but it’s not very clear. You could add an entry which is not a password, and through the advanced options you can add any file to that entry.

Keepass offers good security. It encrypts the database that stores your accounts and passwords with AES/Twofish algorithm. You can chose to install the program to your computer, or use a portable version to deploy it on a cloud or keep it on a usb drive. As extra security layers, Keepass also is hardened against dictionary (guessing) attacks, it protects your passwords while keepass  is running and makes it impossible for an attacker to read the password while it remains in the computer’s memory or when it’s being written to the disk.

Your database is protected by encryption, and accessing the database can only be done in the way you set it up. For example if you chose to protect the database with a “Master Password”, only that master password can unlock the database. You can also use a key file or the windows user account, which I do not recommend using.

Password Generation

generator dialog

Keys can be generated by the program itself by a pseudo-random number generator. Since computers can’t make random numbers, we have to rely on complex algorithms. Keepass uses a wide combination of factors to make the password as random as it can (which is extremely good and well executed compared to other solutions). Such factors are random number generators given by the computer, the current time, operating system version, hardware uuid’s, processor count, memory and process statistics, and tons more.

This makes the system very robust and makes even trying to hack away at the number generator to predict numbers in advance less likely.

Additional Security

While no system is perfect, Keepass offers more ways to mitigate against attacks and intercepting your password. For example with TCATO (two channel auto type obfuscation) when the password gets ‘transferred’ by copy pasting through the clipboard, it will obfuscate the password with false keys, which make it harder for an attacker to use a clipboard copy tool or a key logger to gather your password. This function is not enabled by default due to compatibility issues that might happen.

For more information and for downloads, please visit the official Keepass website at http://keepass.info

US Government released data that Russia used Ukrainian PHP Malware

The Department of Homeland Security and the Office of the Director of National Intelligence, have released their JAR, also known as a Joint Analysis Report. They called it the GRIZZLY STEPPE JAR. You can read the full publication at https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity or you can download it from our site. JAR_16-20296A_GRIZZLY STEPPE-2016-1229

“The US Government confirms that two different RIS actors participated in the intrusion into a US political party. The first actor group, known as Advanced Persistent Threat (APT) 29, entered into the party’s systems in summer 2015, while the second, known as APT28, entered in spring 2016.” from the Joint Analysis Report GRIZZLY STEPPE

 

Continue reading “US Government released data that Russia used Ukrainian PHP Malware”

DROWN SSLv2 Vulnerability Rears Ugly Head, Puts One-Third of HTTPS Servers At Risk – TrendLabs Security Intelligence Blog

 

A “new” and important vulnerability has been discovered that affects HTTPS and other services that rely on SSL/TLS implementations. This flaw is in the SSLv2 protocol, and affects all implementations. Researchers refer to this attack as DROWN – short for “Decrypting RSA using Obsolete and Weakened eNcryption”. This attack allows attackers to read or steal information sent via the “secure” connection. No attacks in the wild are currently known.

Source: DROWN SSLv2 Vulnerability Rears Ugly Head, Puts One-Third of HTTPS Servers At Risk – TrendLabs Security Intelligence Blog