9 C
London
Wednesday, September 20, 2017
Home Tags Intel Security

Tag: Intel Security

In early 2017, Kaspersky Labrsquo;s researchers have discovered an emerging and dangerous trend: more and more cybercriminals are turning their attention from attacks against private users to targeted ransomware attacks against businesses.
Website and Intel Security (McAfee) products excluded from 'Wild West' payouts scheme Intel has launched its first bug bounty program, offering rewards of up to $30,000.…
Report from Intel Security and CSIS discovers 93% of businesses have cybersecurity strategies, but only 49% fully implement them.
VIDEO: Chris Young, Senior Vice-President and General Manager of Intel Security talks about his RSA Conference keynote.
Libraries across the city of St Louis are gradually regaining control of their computer systems, following a malware attack several days ago.Criminals broke into the systems of 17 libraries, disabled them and demanded a ransom...
Increased user awareness of phishing threats, better antivirus technology, more industry-wide information sharing and cross-border efforts by law enforcement authorities will combine to turn the tide against ransomware this year, according to some security experts, but others expect the attacks to continue to increase. According to a security expert who requested anonymity, ransomware cybercriminals took in about $1 billion last year, based on money coming into ransomware-related bitcoin wallets. That includes more than $50 million each for three wallets associated with the Locky ransomware, and a fourth one that processed close to $70 million.

Cryptowall brought in close to $100 million before it was shut down this year.

CryptXXX gathered in $73 million during the second half of 2016, and Cerber took in $54 million, the expert said. Smaller ransomware families brought in another $150 million, and the FBI has reported $209 million in ransomware payments during the first three months of 2016.
In addition to this $800 million or so in known payments, there are many other Bitcoin wallets that are unknown to researchers and uncounted, pushing the estimated total to $1 billion for all of 2016. “The $1 billion number isn’t at all unreasonable and might even be low,” confirmed Mark Nunnikhoven, vice president of cloud research at Trend Micro. “It’s getting difficult to track the amount of money flowing into criminals’ Bitcoin wallets because they’ve started to try and hide the transactions across a large number of wallets,” he added. He said that there was a 400 percent increase in ransomware variants last year, and he expects to see a 25 percent growth in ransomware families in 2016. “What we’re seeing is a bit of a maturation in how to execute these attacks, so we’re expecting a leveling off to a more realistic growth curve,” he said. But criminals will continue innovating because of how profitable ransomware is. “I don’t think we’ll see the 100 percent growth that we saw from 2015 to 2016,” said Allan Liska, intelligence analyst at Recorded Future. “I think we’ll probably see a 50 percent growth.” The markets for stolen medical records, credit card numbers and email addresses are collapsing, he said. “Not only is it taking a while to get paid, but they’re not getting paid as much as they used to,” he said. Meanwhile, ransomware is an easy business to get into, the payout is immediate, and it offers an ongoing revenue stream. “There’s no incentive for them to discontinue ransomware,” he said. Some experts expect growth to be even higher. Successful ransomware attacks will double this year, predicted Tom Bain, vice president at CounterTack. “The reality is that every single customer I speak to, anyone in the industry really, this is their number one concern,” he said. Better defensive technology and collaboration will help, he said, but the problem is going to get worse before it starts to get better. Gartner analysts estimate that there were between 2 million and 3 million successful ransomware attacks in 2016, and that the frequency will double year over year through 2019. “I think they’re right,” said Bain. But not all experts think the future is quite that bleak. Raj Samani, vice president and CTO at Intel Security, predicts that anti-ransomware efforts will begin to pay off in the next few months. “We’ll see a spike earlier on this year, but then I anticipate our efforts with law enforcement to be successful,” he said. Intel, along with Kaspersky Labs, Europol, and the Dutch National High Tech Crime Unit formed an alliance this past summer, No More Ransom.
Since then, more than a dozen other law enforcement agencies have joined up, including Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain, Switzerland, and the United Kingdom.
Several other security vendors have also joined up. “Now that we’ve got more law enforcement agencies on board, and more private sector firms, we expect to see an increase in successful take-down operations,” said Samani. In addition to working together to bring down ransomware operations, the group also distributes free anti-ransomware tools. That, combined with more user awareness about phishing and better detection technologies, will combine to stop the growth of this attack vector, Samani said. “As an industry, we’ve started to develop new products, sandboxing, threat intelligence exchanges,” he said. “It is getting better.” However, he warned that malware authors do have one significant advantage. “There’s an asymmetry of information,” he said. “They have tools and services that will allow them to run their malware through all the anti-virus engines out there.

They can install our products and they know how our products work because we openly talk about them.

This is one of the big security challenges.” This story, "Security expert: Ransomware took in $1 billion in 2016" was originally published by CSO.

US authorities provided technical details to back up their claims that Russian authorities were behind recent cyber attacks on American political targets.

US authorities on Thursday released technical details about the tools and infrastructure that Russian hackers used to compromise the computer systems of multiple American government and private entities.

A brief joint report from the Federal Bureau of Investigation and the Department of Homeland Security outlines what the agencies refer to as Russia's "ongoing campaign of cyber-enabled operations directed at the US government and its citizens."

The report bolsters the FBI's earlier claim that hackers affiliated with Russian intelligence services (RIS) targeted computers at the headquarters of the Democratic National Committee during the final months of the 2016 US presidential election. Two separate Russian organizations gained access to the political party's systems as early as summer 2015, according to the report. The first group used a "spearphishing" campaign that sent an email to more than 1,000 recipients, at least one of whom opened attachments containing malware.

The second Russian group targeted the same political party—the report does not identify the DNC by name—in spring 2016 using a similar phishing campaign, which tricked recipients into visiting a fake website that asked them to change their email passwords. The second attack likely resulted in the "exfiltration of information from multiple senior party members," according to the report.

"Actors likely associated with RIS are continuing to engage in spearphishing campaigns, including one launched as recently as November 2016, just days after the U.S. election," the report concluded.

US authorities did not announce further information about the two groups, nor the specifics of their links to Russian intelligence. The report simply states that "public attribution of these activities to RIS is supported by technical indicators from the US Intelligence Community, DHS, FBI, the private sector, and other entities."

Along with the report, the Obama administration also announced sanctions against Russia for its hacking activities. Using an executive order, President Obama sanctioned the GRU and FSB, Russia's military and civilian intelligence agencies, as well as three companies and four individual members of the GRU that he said provided support to its hacking operations.

"We will continue to take a variety of actions at a time and place of our choosing, some of which will not be publicized," Obama said in a statement. "In addition to holding Russia accountable for what it has done, the United States and friends and allies around the world must work together to oppose Russia's efforts to undermine established international norms of behavior, and interfere with democratic governance."

The Russian response to the sanctions appeared scattered Thursday afternoon, with the Russian embassy in the UK offering a separate statement on Twitter from that of Konstantin Kosachev, the head of Russia's Committee on Foreign Relations.

"The outgoing administration has no grounds, neither political nor moral rights for such harsh and destructive steps towards the bilateral relations with Russia," he told Interfax, a Russian newswire, according to NBC News. "I am sorry for the harsh wording but I don't have other words for it. This not just an agony of the 'lame ducks,' but of the 'political corpses.'"

Although President-elect Donald Trump has downplayed the severity of Russia's hacking efforts, private sector security experts in the US welcomed the sanctions.

"The administration, fellow lawmakers and general public must understand the potentially catastrophic consequences of a digital cyber conflict," Intel Security CTO Steve Grobman said in a statement issued ahead of the sanctions. "We usually consider critical infrastructure to include life-sustaining services such as water, power, transportation, and first responder communications. But, given that election systems are the foundational organs of democracy, we must protect them accordingly."

35 Russian intelligence operatives ejected from the US, and two of the "Cyber Most Wanted" are frozen out by Treasury Department. UPDATED 4:00 PM E.T.

THURSDAY -- The US, today, formally ejected 35 Russian intelligence operatives from the United States and imposed sanctions on nine entities and individuals: Russia's two leading intelligence services (the G.R.U. and the F.S.B.), four individual GRU officers, and three other organizations.

The actions are the Obama administration's response to a Russian hacking and disinformation campaign used to interfere in the American election process. The FBI and the Department of Homeland Security also released new declassified technical information on Russian civilian and military intelligence service cyber activity, in an effort to help network defenders protect against these threats. Further, the State Department is shutting down two Russian compounds, in Maryland and New York, used by Russian personnel for intelligence-related purposes. Plus, the US Department of Treasury sanctioned two members of the FBI's Cyber Most Wanted List, Evgeniy Mikhailovich Bogachev and Aleksey Alekseyevich Belan.
Infosec pros will recognize Bogachev especially as the alleged head of the GameOver Zeus botnet.

A $3 million reward for info leading to his arrest has been available for some time. Treasury sanctioned Bogachev and Belan "for their activities related to the significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for private financial gain.

As a result of today’s action, any property or interests in property of [Bogachev and Belan] within U.S. jurisdiction must be blocked and U.S. persons are generally prohibited from engaging in transactions with them." This is the first time sanctions are being issued under an Executive Order first signed by President Obama in April 2015, and expanded today.

The original executive Order, gives the president authorization to impose some sort of retribution or response to cyberattacks and also allows the Secretary of Treasury, in consultation with the Attorney General and Secretary of State, to institute sanctions against entities behind cybercrime, cyber espionage, and other damaging cyberattacks.

That includes freezing the assets of attackers. The sanctions announced today are not expected to be the Obama administration's complete response to the Russian operations.
In a statement, the president said "These actions are not the sum total of our response to Russia’s aggressive activities. We will continue to take a variety of actions at a time and place of our choosing, some of which will not be publicized." The moves will put pressure on president-elect Donald Trump to either support or attempt to lift the sanctions on Russian officials and entities.

Trump has expressed skepticism at the validity of American intelligence agencies' assertions that such a campaign occurred at all. When asked by reporters Wednesday night about the fact that these sanctions were set to be announced, Trump said, “I think we ought to get on with our lives.
I think that computers have complicated lives very greatly.

The whole age of computer has made it where nobody knows exactly what is going on.  The NY Times reported today that immediate sanctions are being imposed on four Russian intelligence officials: Igor Valentinovich Korobov, the current chief of the G.R.U., as well as three deputies: Sergey Aleksandrovich Gizunov, the deputy chief of the G.R.U.; Igor Olegovich Kostyukov, a first deputy chief, and Vladimir Stepanovich Alekseyev, also a first deputy chief of the G.R.U. From the Times: The administration also put sanctions on three companies and organizations that it said supported the hacking operations: the Special Technologies Center, a signals intelligence operation in St. Petersburg; a firm called Zor Security that is also known as Esage Lab; and the Autonomous Non-commercial Organization Professional Association of Designers of Data Processing Systems, whose lengthy name, American officials said, was cover for a group that provided special training for the hacking. Wednesday, The Russian Ministry of Foreign Affairs' official representative, Maria Zakharova, said in a statement on the ministry's website: "If Washington really does take new hostile steps, they will be answered ... any action against Russian diplomatic missions in the US will immediately bounce back on US diplomats in Russia." 'Proportional' response The news comes after President Obama stated in October that the US would issue a "proportional" response to Russian cyber attacks on the Democratic National Committee.  The administration has used the word "proportional" when discussing cyber attacks before.
In December 2014, while officially naming North Korea as the culprit behind the attacks at Sony Pictures Entertainment, President Obama said the US would "respond proportionately." That attack was against one entertainment company, however, and not a nation's election system, so the proportions are surely different. "We have never been here before," said security expert Cris Thomas, aka Space Rogue, in a Dark Reading interview in October. "No one really knows what is socially acceptable and what is not when it comes to cyber. We have no 'Geneva Convention' for cyber."  According to Reuters reports, "One decision that has been made, [officials] said, speaking on the condition of anonymity, is to avoid any moves that exceed the Russian election hacking and risk an escalating cyber conflict." As Christopher Porter, manager of the Horizons team at FireEye explained in a Dark Reading interview in October, Russian doctrine supports escalation as a way to de-escalate tensions or conflict. "If the US administration puts in place a proportional response, Moscow could do something even worse to stop a future response … I think that is very dangerous." "The administration, fellow lawmakers and general public must understand the potentially catastrophic consequences of a digital cyber conflict escalating into a kinetic, conventional shooting-war," said Intel Security CTO Steve Grobman, in a statement. "While offensive cyber operations can be highly precise munitions, in that they can be directed to only impact specific targets, the global and interconnected nature of computing systems can lead to unintended consequences.
Impacting digital infrastructure beyond the intended target opens the door to draw additional nation states into a conflict.

This increases risk to civilian populations as countries see the need to retaliate or escalate." ORIGINAL STORY: Officials stated Wednesday that the White House will announce, as early as today, a series of measures the US will use to respond to Russian interference in the American election process.

The news comes after President Obama stated in October that the US would issue a "proportional" response to Russian cyber attacks on the Democratic National Committee.  Not all the measures will be announced publicly.

According to CNN, "The federal government plans some unannounced actions taken through covert means at a time of its choosing." Wednesday, CNN reported that as part of the public response, the administration is expected to name names -- specifically, individuals associated with a Russian disinformation operation against the Hillary Clinton presidential campaign. The actions announced are expected to include expanded sanctions and diplomatic actions. Reuters reported Wednesday that "targeted economic sanctions, indictments, leaking information to embarrass Russian officials or oligarchs, and restrictions on Russian diplomats in the United States are among steps that have been discussed." In April 2015, President Obama signed an Executive Order, which gives the president authorization to impose some sort of retribution or response to cyberattacks.

The EO has not yet been used.
It allows the Secretary of Treasury, in consultation with the Attorney General and Secretary of State, to institute sanctions against entities behind cybercrime, cyber espionage, and other damaging cyberattacks.

That includes freezing the assets of attackers. The Russian Ministry of Foreign Affairs' official representative, Maria Zakharova, said in a statement on the ministry's website: "If Washington really does take new hostile steps, they will be answered ... any action against Russian diplomatic missions in the US will immediately bounce back on US diplomats in Russia." 'Proportional' response The administration has used the word "proportional" when discussing cyber attacks before.
In December 2014, while officially naming North Korea as the culprit behind the attacks at Sony Pictures Entertainment, President Obama said the US would "respond proportionately." That attack was against one entertainment company, however, and not a nation's election system, so the proportions are surely different. "We have never been here before," said security expert Cris Thomas, aka Space Rogue, in a Dark Reading interview in October. "No one really knows what is socially acceptable and what is not when it comes to cyber. We have no 'Geneva Convention' for cyber."  According to Reuters reports, "One decision that has been made, [officials] said, speaking on the condition of anonymity, is to avoid any moves that exceed the Russian election hacking and risk an escalating cyber conflict." As Christopher Porter, manager of the Horizons team at FireEye explained in a Dark Reading interview in October, Russian doctrine supports escalation as a way to de-escalate tensions or conflict. "If the US administration puts in place a proportional response, Moscow could do something even worse to stop a future response … I think that is very dangerous." "The administration, fellow lawmakers and general public must understand the potentially catastrophic consequences of a digital cyber conflict escalating into a kinetic, conventional shooting-war," said Intel Security CTO Steve Grobman, in a statement. "While offensive cyber operations can be highly precise munitions, in that they can be directed to only impact specific targets, the global and interconnected nature of computing systems can lead to unintended consequences.
Impacting digital infrastructure beyond the intended target opens the door to draw additional nation states into a conflict.

This increases risk to civilian populations as countries see the need to retaliate or escalate." Related Content:   Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ...
View Full Bio More Insights
US expected to name and sanction some individuals involved in disinformation campaign as early as today, and conduct other covert responses at a time of its choosing. Officials stated Wednesday that the White House will announce, as early as today, a series of measures the US will use to respond to Russian interference in the American election process.

The news comes after President Obama stated in October that the US would issue a "proportional" response to Russian cyber attacks on the Democratic National Committee.  Not all the measures will be announced publicly.

According to CNN, "The federal government plans some unannounced actions taken through covert means at a time of its choosing." Wednesday, CNN reported that as part of the public response, the administration is expected to name names -- specifically, individuals associated with a Russian disinformation operation against the Hillary Clinton presidential campaign. The actions announced are expected to include expanded sanctions and diplomatic actions. Reuters reported Wednesday that "targeted economic sanctions, indictments, leaking information to embarrass Russian officials or oligarchs, and restrictions on Russian diplomats in the United States are among steps that have been discussed." In April 2015, President Obama signed an Executive Order, which gives the president authorization to impose some sort of retribution or response to cyberattacks.

The EO has not yet been used.
It allows the Secretary of Treasury, in consultation with the Attorney General and Secretary of State, to institute sanctions against entities behind cybercrime, cyber espionage, and other damaging cyberattacks.

That includes freezing the assets of attackers. The Russian Ministry of Foreign Affairs' official representative, Maria Zakharova, said in a statement on the ministry's website: "If Washington really does take new hostile steps, they will be answered ... any action against Russian diplomatic missions in the US will immediately bounce back on US diplomats in Russia." 'Proportional' response The administration has used the word "proportional" when discussing cyber attacks before.
In December 2014, while officially naming North Korea as the culprit behind the attacks at Sony Pictures Entertainment, President Obama said the US would "respond proportionately." That attack was against one entertainment company, however, and not a nation's election system, so the proportions are surely different. "We have never been here before," said security expert Cris Thomas, aka Space Rogue, in a Dark Reading interview in October. "No one really knows what is socially acceptable and what is not when it comes to cyber. We have no 'Geneva Convention' for cyber."  According to Reuters reports, "One decision that has been made, [officials] said, speaking on the condition of anonymity, is to avoid any moves that exceed the Russian election hacking and risk an escalating cyber conflict." As Christopher Porter, manager of the Horizons team at FireEye explained in a Dark Reading interview in October, Russian doctrine supports escalation as a way to de-escalate tensions or conflict. "If the US administration puts in place a proportional response, Moscow could do something even worse to stop a future response … I think that is very dangerous." "The administration, fellow lawmakers and general public must understand the potentially catastrophic consequences of a digital cyber conflict escalating into a kinetic, conventional shooting-war," said Intel Security CTO Steve Grobman, in a statement. "While offensive cyber operations can be highly precise munitions, in that they can be directed to only impact specific targets, the global and interconnected nature of computing systems can lead to unintended consequences.
Impacting digital infrastructure beyond the intended target opens the door to draw additional nation states into a conflict.

This increases risk to civilian populations as countries see the need to retaliate or escalate." Related Content:   Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ...
View Full Bio More Insights

Steganos Password Manager 18

Münich-based software publisher Steganos is all about privacy. The company offers encryption, VPN, secure deletion, and other privacy-related tools. Naturally, the lineup includes a password manager. Steganos Password Manager 18 doesn't have the high-end features that typify the very best password managers, though, and even its more mundane features didn't always work in testing.

Your one-time payment of $24.95 gets you licenses to install the application on up to five PCs. The licenses don't expire, but they also don't automatically update to the next version. You can also tie any number of iOS or Android devices to your account. This pricing is a bit hard to compare with the competition. RoboForm Desktop is also a one-time fee, $29.95 in this case, but it doesn't sync across multiple devices. Dashlane costs $39.99 per year and puts no limits on the number of PC, macOS, Android and iOS devices. Just one dollar per month lets you use LastPass Premium on all your devices. And of course, some competitors, such as LogMeOnce Password Management Suite Premium, are completely free.

Getting Started

When you go to download Steganos, you're likely to find that it comes with a trial of the full Steganos Privacy suite. This suite includes, among other things, a file shredder, several forms of encryption, and the Steganos Online Shield VPN. In this review, I focus strictly on the password manager.

Once you've installed the product, it opens to a big, empty window, with instructions on how to proceed. With Steganos, you can create multiple password databases, which it calls keychains. Multiple users on one PC could have their own keychains. But nothing happens until you select New from the File menu, to create your first keychain.

As with most password managers, Steganos starts you off with the creation of a master password. You can type it using a virtual keyboard, or create it using the unusual PicPass feature. I'll go into detail about those below. As you type in your password, Steganos fills in five lock icons, and displays a description of your password's strength. At one lock, it says, "This password can probably be guessed." If you make it to five locks, it declares, "This password cannot be identified by intelligence agencies." Interestingly, it also reports the number of word fragments found in the password.

There's also an option to store the master password on a USB device. This isn't precisely two-factor authentication, since the USB device replaces the master password for authentication. In addition, you can't sync with mobile devices if you choose USB authentication. True Key and LogMeOnce Password Management Suite Ultimate both allow authentication using multiple other factors, without the need for a master password. In fact, passwordless login is the default for LogMeOnce.

Steganos installs the necessary browser extension in Internet Explorer automatically, and there's a menu option to install it in Chrome. Firefox is also supported, but in testing I could not get the extension to load. Even after reinstallation, Firefox reported the extension as corrupt. An Edge extension is in the works, pending approval by Microsoft. True Key by Intel Security is the only competitor I've encountered that has a working extension for Microsoft Edge.

Dashlane, Sticky Password Premium, and most password managers that let you sync your passwords across multiple devices handle syncing internally. Not Steganos. If you want to sync between devices, you must configure it to store your keychain in your existing cloud storage services. It supports Dropbox, Google Drive, and OneDrive, as well as the Europe-centric Magenta Cloud. Setting up the connection is simple enough, and of course your data is encrypted before it's sent to the cloud. Still, this might be a good time to toughen up the password on your cloud storage.

There is one more option for syncing among devices, but it's not something most users would want to mess with. If you choose File export, Steganos saves your data in a portable, shareable form. Importing that data on another PC isn't so tough, but getting it onto an Android or iOS device is a pain.

Password Capture and Replay

Like almost all password managers, Steganos notices when you log in to a secure site and offers to save your credentials. Some products slide in a notification at the top of the browser window, some create a popup within the browser, and others use a totally separate popup. Steganos is among the last group, and I found that its popup consistently got stuck behind the browser. You can give the new entry a friendly name at this time, but you can't assign it to a category.

If you're switching to a new password manager, the ability to import passwords from the product you're leaving behind is a big plus. LastPass can import from more than 30 competitors, and KeePass from nearly 40. Steganos imports from just two, KeePass 2.34 and 1Password; to me these seem like odd choices.

Dashlane, LastPass, Password Boss Premium, and True Key don't just import passwords stored insecurely in your browsers. They also delete those passwords from the browser, and turn off browser-based password capture. Alas, Steganos doesn't import from browsers at all.

When you revisit a secure site, the default behavior is for Steganos to automatically fill in the saved credentials. You can turn off this behavior and manually call on the browser extension when you want it to fill in the data. As is typical, if you have multiple sets of credentials saved, it offers a menu.

While most websites use standard login screens, easily understood by password managers, some of them march to a different drummer. If you run into a login that Steganos doesn't capture automatically, you can do it manually. Just sign out, reenter your credentials, and (in Chrome) choose "Save form to keychain" from the toolbar button's menu. In testing, I found that in IE the equivalent Save Form button did not work. LastPass, Sticky Password, and RoboForm Everywhere 7 have a similar ability to capture passwords on demand.

Many password managers turn your data into a menu of saved websites. Just click the toolbar button and choose a site to both navigate there and log in. With Steganos, you open the main application window and launch from there.

The Steganos application must be running any time you want to use its browser extensions. That's a bit different from many competing products. I kept accidentally shutting it down, when all I really wanted to do was get it out of the way. The correct way to handle that situation is to minimize the application down to its tiny desktop widget. From the widget, you can restore the main window, or drag/drop the username and password for the selected login.

Password Generator

When you're editing one of your saved password entries, you can invoke the built-in password generator to provide a strong new password. However, it's up to you to go to the site and put your new password in place. Steganos doesn't automatically offer the password generator when you're setting up a new online account, either.

The password generator defaults to creating 16-character passwords, which is good. But it only uses uppercase letters, lowercase letters, and digits, by default. I advise adding special characters to the mix. Interestingly, Steganos seeds its random number generator before each password generation event by using your own mouse movements.

Organizing Passwords

As noted, you can assign a friendly name at the time Steganos captures a set of login credentials. That name is what appears in the main window's password list. When you click an item in the list, its details appear at right. You can click Edit to change those details—all except the friendly name. To change that name, you must right-click it in the list.

To start, all your passwords simply appear directly below the root of the tree. If you prefer a more organized approach, you can create any number of categories, which become branches in the tree display. You can even create nested categories, something that few password managers allow. RoboForm, Sticky Password, and LastPass 4.0 Premium are among the few that permit multilevel categories.

I assumed that organizing my saved logins would be a simple matter of dragging them in to the desired category, the way you do with LastPass. It's not. Instead, you right-click the entry and select its new location in the tree.

Portable Edition

With LastPass, Dashlane 4, LogMeOnce, and other Web-centric password managers, you can log into your password database from any computer. Steganos requires installation of its app on a PC, and doesn't make your cloud-connected database available without it.

However, if you anticipate needing to use the app on an unfamiliar computer, you can create a portable edition on any USB device. Just select the keychain, select the device, and you're done. Any future changes you make in the main app don't appear in the portable edition, so you should recreate the portable edition frequently. In addition, all the data in the portable edition is read-only.

PicPass and Virtual Keyboard

Some people have no trouble remembering a strong password based on a favorite song or quote. Others are more visual, and for those people Steganos offers PicPass. When you choose to define or redefine your master password using PicPass, you start with a grid of 36 photos or 36 symbols. You proceed to click on as many of the pictures as you think you can remember, and then repeat that same pattern of picture-clicks.

However, there's a catch. The 36 pictures correspond to the 10 digits and 26 uppercase letters, and your fancy pattern of clicks gets translated into a mundane password like 1UB3OX. Steganos doesn't hide this fact; it even offers to display the generated password. Yes, you can make the PicPass process tougher by having Steganos scramble the picture locations, but doing so just makes it harder for you to get the right sequence. It doesn't make the password itself more resistant to brute-force cracking.

Limited Web Form Filling

Steganos lets you store a very limited set of personal data, little more than name, address, email, phone, and birthdate. There's no option to store multiple profiles such as you get with LastPass, Dashlane, and others. And there's certainly no ability to create multiple instances of data fields the way you can in RoboForm. You can enter data for any number of bank accounts and credit cards, and sync these between your devices, but the app does not use these to fill Web forms.

In testing, I found that the Web form-filling feature worked correctly in Chrome, but didn't work in Internet Explorer. In some cases, it immediately filled personal data into the form's fields. In other cases, I had to select "Fill form now" from the toolbar button's menu.

Mobile Options

If you want to use Steganos for logging into secure sites on your mobile devices, you must configure your account to use one of its cloud storage options. Install the free Steganos Mobile Privacy from the Google Play store or Apple App Store, connect it with your cloud storage, and enter your master password. You're ready to go.

I installed the app on a Nexus 9, just to get a feel for it. The PC edition's tree display is absent, so you have to either dig down to the entry you want or use the handy search box. Tapping an entry opens the corresponding website in the app's internal browser and logs you in. There's no integration with other browsers installed on the device.

Like the portable edition, the mobile edition is read-only. If you want to add or edit password entries, credit card data, or anything else, you must do it on your PC. But if all you want is quick mobile access to your secure websites, it does the job.

You Can Do Better

It's nice to see a password manager that charges a one-time fee rather than a per-year subscription, but there are disadvantages, too. That yearly subscription pays other vendors for things like server space to hold your encrypted data. With Steganos Password Manager 18, you supply that storage yourself, in the form of an account with one of the big cloud storage providers. Steganos also lacks the advanced features found in the very best password managers. In testing, even the simpler features it does contain didn't always work perfectly.

If the low, one-time price really resonated with you, you're probably better off getting one of our top free password managers instead. For those willing to pay a bit, we've identified several password managers worthy of the title Editors' Choice. LastPass 4.0 Premium costs just a dollar a month, and it has tons of features. LogMeOnce Password Management Suite Ultimate 5.2 beats all the competition feature-wise, with some security elements not found in any competitor. Dashlane 4 goes for streamlined ease of use, with advanced features including an actionable password strength report, secure password sharing, and account inheritance.

Back to top

PCMag may earn affiliate commissions from the shopping links included on this page. These commissions do not affect how we test, rate or review products. To find out more, read our complete terms of use.

McAfee VirusScan Enterprise for Windows scriptproxy COM object contains a memory corruption vulnerability.
In the modern cyber-security landscape, security vendors have been pushing the idea of visibility and alerting tools to help improve enterprise security.

According to Intel Security's McAfee Labs Threat Report for December 2016, many of the alerts that...