‘Phish for the Future’ spearphishing campaign set digital civil liberty activists in its sights

One attack masqueraded as a YouTube comment to a legitimate video uploaded by the targe. Another posed as the target’s husband under the pretense of sharing family photos.

David Bisson reports.

1 min read

Millions of Dropbox users are being advised to change their passwords

Yes, hackers did manage to steal millions of account credentials back in 2012.

Make sure you have protected your account, and enabled two-step verification.

1 min read

The huge Dropbox password leak that wasn’t

Recent claims from identity theft protection firms that Dropbox has suffered a massive password breach should be treated with suspicion.

But do remember to enable two-step verification, please!

1 min read

How to protect your Dropbox account with two-step verification (2SV)

David Bisson explains how you can protect your Dropbox account from hackers with two-step verification.

2 min read

Dropbox users continue to unwittingly leak tax returns and other private data

Almost 18 months after the issue was first made known to Dropbox, unauthorised users continue to receive links to personal, private information stored on the file-sharing service.

2 min read


Dropbox beefs up security of shared links – for business users at least

Dropbox introduces new features to better protected shared links on the service, but is it enough to convince your company to embrace the popular file-syncing app?

Read more in my article on the Tripwire State of Security blog.

0 sec read

Lingerie-wearing spammers find a good home in Dropbox

Don’t help spammers buy a whole new wardrobe by visiting their X-rated webcam websites.

1 min read

Dropbox told about vulnerability in November 2013, only fixed it when the media showed interest

I think it’s a pretty sad state of affairs that months can pass, and the BBC has to be called in, before a service like Dropbox takes seriously a security concern impacting the privacy of its users.

1 min read

Dropbox users leak tax returns, mortgage applications and more

If you are using file-sharing systems like Dropbox and Box without proper care and attention, there is a risk that you could be unwittingly leaking your most private, personal information to others.

3 min read

You don’t have to be a major Hollywood studio to see the IP risks in cloud file locker services

Dropbox has made it far easier for the general public to violate Intellectual Property laws.

But it’s not just movies. Confidential corporate information, which can include sensitive legal documents, sales projection slides, customer spreadsheets, and proprietary software, can also be at risk.

2 min read

You’ve uploaded files to Dropbox. But just how private are they?

Dropbox admits it is checking files shared publicly on its systems for copyright infringements.

If you don’t like it, you have to start securely encrypting your data *before* you upload it to the cloud.

2 min read

Mailbox tries (and fails) to fix Javascript security hole

The researcher who rang alarm bells about a serious Javascript security hole in the popular Mailbox iPhone app, says that there is still a problem – even though the company itself believes it has resolved the issue.

1 min read

Mailbox iPhone app suffers from serious Javascript flaw, researcher discovers

An Italian security researcher has discovered that the popular Mailbox app for iPhones and iPads will execute *any* Javascript which is present in the body of HTML emails, opening the door for exploitation.

1 min read

Correct​horse​battery​staple – the guys at Dropbox are funny

Remember that famous xkcd cartoon, suggesting passphrases like “correcthorsebatterystaple” are harder for hackers to crack than the likes of “Tr0ub4dor&3”?

Well, I’m full of admiration for whoever the web developer was at Dropbox who implemented this on their sign-up form…

10 sec read