Due to the recent LastPass incident and ongoing discovery of the impact of the breach, a person’s LastPass master password is all that remains between an adversary and all of their maintained passwords. LastPass warns that a successful brute-force attempt on users that followed the suggested master password guidelines is unlikely, but this has been...Read More

Using Keep Aware, our clients have detected an attack type that we have dubbed “Notification Hijacking.” The attack involves malicious redirects that manipulate users to enable browser notifications. These notifications can then be used to deliver malware payloads, phishing attacks, or other malicious content. This blog post provides an analysis of browser notification attacks that...Read More