According to the Russian security giant, the staffer temporary switched off the antivirus protection on the PC, and infected his personal computer with malware from a product key generator while trying to use a bootleg copy of Office.
Users can configure Kaspersky's software to not send suspicious samples back to Mother Russia for scrutiny, however, in this case, the NSA staffer didn't take that option, allowing the highly sensitive files to escape.
Kaspersky's argument is that anyone could have abused the backdoored key generator to remotely log into the machine and steal the secrets the NSA employee foolishly took home, rather than state spies abusing its antivirus to snoop on people.
On September 11, 2014, Kaspersky's software detected the Win32.GrayFish.gen trojan on the NSA staffer's PC. Some time after that, the employee disabled the antivirus to run an activation-key generator designed to unlock pirated copies of Microsoft Office 2013. The malicious executable was downloaded along with an ISO file of Office 2013.
Unfortunately there isn't any standard password database format. Every passwordmanager uses its own file format. Anyway, almost all support exporting to CSV or XMLfiles. This sounds good at first glance, but CSV and XML files aren't specialized passworddatabase formats, they only specify a low-level layout of the stored data (for CSV: data fieldsare separated by commas; for XML: hierarchical form using tags). These formats do notspecify the high-level arrangement of the data (for CSV: order/meaning of the fields; forXML: tag names and structure). Because of this, many users are confused when application #1exports data to CSV/XML and application #2 can't read the CSV/XML file, although it claimsthat it can read those files.
This help page details the expected CSV and XML file formats. Knowing the formats whichKeePass expects, you can reformat CSV and XML files exported by other password managers tomatch the KeePass formats. CSV files can be reformatted using e.g. LibreOffice Calc(see below).XML files can be reformatted using an XML editor.
KeePass can import many password database formats directly (see top of this page).Additionally, there are specialized KeePassplugins availablefor importing more formats (like AnyPassword CSV, Oubliette files, PINs TXT, ZSafe files,and many more). Using these plugins, you don't need to manually reformat the output ofother password managers; you can directly import the exported files.
The 'Account' field in a CSV file corresponds to the title field ofa KeePass entry, 'Login Name' corresponds to the user name,'Web Site' corresponds to the URL, and 'Comments' correspond to the notes.The CSV field names differ from the KeePass entry field namesin order to ensure the compatibility with certain other applications.
For a detailed example, download this file:FileSample_CSV.zip.This file is zipped only in order to ensure correct encoding (if not zipped, browsers ordownload managers could automatically convert the file to a different encoding). When importinga CSV file, it must not be zipped!
Microsoft Excel by default does not enclose fields in quotes (").It is recommended that you useLibreOffice Calcto create a correct CSV file (see below), or use the Generic CSV Importerof KeePass 2.x (import your CSV file into KeePass 2.x, then export the data to aKeePass 1.x KDB file), or fix the CSV file by manually adding the quotes using a text editor.
If you want to transfer data between KeePass 1.x databases, you mustnot change the default export options of KeePass.Do not export additional fields or uncheck any options, otherwiseKeePass will not be able to re-import the CSV file, because it does not comply to thespecification above any more.
You can download a detailed XML sample file here:FileSample_XML.zip.This file is zipped only in order to ensure correct encoding (if not zipped, browsers ordownload managers could automatically convert the file to a different encoding). When importinga XML file, it of course must not be zipped!
KeePass 2.x features a generic CSV importer.This tool can import almost all CSV formats. The CSVfiles are loaded and you can manually specify the encoding / character set, assign columnsto data fields, and specify how the low-level structure looks like (usage of quotes, etc.).
CodeWallet is a password manager that supports different card types (fields).KeePass cannot know which of the CodeWallet fields correspond to the KeePassstandard fields (title, user name, ...), because they don't have fixed names (language-dependent,user-customizable, ...).Therefore all fields from the CodeWallet file are imported into custom string fieldsof KeePass entries. After importing the file, you can move some of the stringsto the correct standard fields (by clicking the 'Move' button on the second tab pageof the entries dialog.
Warning! It is possible that the transfer fails and that KeePass accidentlyoverwrites your existing passwords in Steganos Password Manager. Therefore, back up yourSEF file before starting the import! In any case you should restore your passwords byrestoring the backup you just created after the import process! Even if you thinkKeePass hasn't changed anything, restore from the backup!
Unfortunately Steganos Password Manager (SPM) lacks any form of export functionality. As theSEF file format (in which the data is stored) is proprietary and no specificationis available, KeePass needs to try to get all the data out of the windows ofSPM.
Properties of the parent groups (icons, notes, auto-type settings, etc.)are exported, if the selected file format supports them.When importing a file, the properties of the groups in the current databasemay be overwritten by the properties of the groups in the file(depending on the import mode and the last modification times).
Late last week, Kaspersky Lab added Polyglot decryption keys to its Rannoh Decryptor, which also decrypts files encrypted by Rannoh, CryptXXX and Fury ransomware, and is available on NoMoreRansom.org.
Some might think of CTB-Locker, a/k/a Critroni, as almost vintage ransomware at this point. It was one of the first crypto ransomware strains to really make some noise, more than two years ago. The ransomware began making the rounds in June 2014, circulating via spam messages. The malware was notable at the time for using elliptic curve crypto to encrypt files and using Tor to communicate with its command and control server.
Imagine you want to get a random char from a charset of 10 possible chars, and you have a random number generator method GetRandom32 which outputs number between 0 and 32 (32 excluded). The straightforward way to output such char would be:
Dedicated techniques such as Markov generator, which assume that there is a hidden Markov model in the way passwords are generated by humans, can directly break this method of generation (see Fast Dictionary Attacks on Passwords Using Time-Space Tradeoff for more details).
However, if an attacker knows that a password has been generated by KPM, he can adapt his tool to take into account the model followed by KPM. As these passwords are, in a certain sense, biased (to tackle password crackers), this bias can be used to generate the most probable passwords generated by this tool, and test them first. A straightforward way to do it could be to use a Markov generator, as the one provided by John the Ripper (This method has not been tested).
The problem with this generator is that it is not a CSPRNG. Knowing a few of its ouputs (624 in that case) allows to retrieve its full state, and to predict all the values it will generate, plus all the values it has already generated (see Berlekamp-Massey or Reeds-Sloane algorithms).
Since a password manager is first and foremost a security tool, it should come with all of the most up-to-date standard security features. This includes the highest level of available encryption (256-bit AES with PBKDF2-HMAC-SHA512); two-factor authentication, such as biometric logins or multi-factor authentication, and a password generator.
A password manager can protect more than just your passwords. Many password managers, such as Password Boss, offer a secure place to store all sorts of digital files and documents. Digital record storage is a standard feature across all Password Boss password manager plans, including its free plan. The company also offers a Premium plan and a Family plan. Other standard features include unlimited password storage; a digital wallet, and easy, secure password sharing. Individuals who upgrade to the Premium plan get a wealth of additional features, including unlimited devices; auto-filling; two-step verification; an automatic password generator; unlimited sharing of saved items, and more. 2b1af7f3a8