Password manager LastPass has added a new feature to its software: the ability to store two-factor authentication codes. This is great news. For hackers.Increasingly, people with sense use two-factor auth as a way of ensuring that it is much harder for miscreants to break into their accounts, and to detect if anyone is anyone is trying to do so. A crook needs to know not only a victim’s username and password, but also have their two-factor code to log in.Typically, what will happen is that when you try to log into an account – say, a bank account – the process will send a one-off code to a device that it knows belongs to you (typically a mobile phone) and require that code to be entered before moving forward.

SAN FRANCISCO — Evan Williams is the guy who opened up Pandora’s box. Until he came along, people had few places to go with their overflowing emotions and wild opinions, other than writing a letter to the newspaper or haranguing the neighbors.Mr. Williams — a Twitter founder, a co-creator of Blogger — set everyone free, providing tools to address the world. In the history of communications technology, it was a development with echoes of Gutenberg.And so here we are in 2017. How’s it going, Mr. Williams?“I think the internet is broken,” he says. He has believed this for a few years, actually. But things are getting worse. “And it’s a lot more obvious to a lot of people that it’s broken.”People are using Facebook to showcase suicides, beatings and murder, in real time. Twitter is a hive of trolling and abuse that it seems unable to stop. Fake news, whether created for ideology or profit, runs rampant. Four out of 10 adult internet users said in a Pew survey that they had been harassed online. And that was before the presidential campaign heated up last year.

North Korea’s main spy agency has a special cell called Unit 180 that is likely to have launched some of its most daring and successful cyber attacks, according to defectors, officials and internet security experts.North Korea has been blamed in recent years for a series of online attacks, mostly on financial networks, in the United States, South Korea and over a dozen other countries.Cyber security researchers have also said they have found technical evidence that could link North Korea with the global WannaCry ”ransomware” cyber attack that infected more than 300,000 computers in 150 countries this month. Pyongyang has called the allegation ”ridiculous”.The crux of the allegations against North Korea is its connection to a hacking group called Lazarus that is linked to last year’s $81 million cyber heist at the Bangladesh central bank and the 2014 attack on Sony’s Hollywood studio. The U.S. government has blamed North Korea for the Sony hack and some U.S. officials have said prosecutors are building a case against Pyongyang in the Bangladesh Bank theft.

With the clock ticking on whether a global hacking attack would wipe out his data, Bolton Jiang had no intention of paying a 21st-century ransom.Since a week ago, when the malware first struck, Mr. Jiang had been fixing and replacing computers at the electronics company where he works in Shanghai. Meeting the hackers’ demands was a bother, he said, and there was no guarantee he would get his data back.“Even if you do pay, you won’t necessarily be able to open the files that are hit,” he said. “There is no solution to it.”Tens of thousands of computer users around the world made the same decision, refusing to pay the anonymous hackers behind the ransomware attack known as WannaCry. The attackers had demanded that individuals pay up to $600 by Friday to regain control of their machines, or face losing their data.

For Kris Hagerman, chief executive of UK-based cyber security firm Sophos Group Plc (SOPH.L), the past week could have been bad. The WannaCry ”ransomware” attack hobbled some of its hospital customers in Britain’s National Health Service, forcing them to turn away ambulances and cancel surgeries.The company quickly removed a boast on its website that “The NHS is totally protected with Sophos.” In many industries, that sort of stumble would likely hit a company’s reputation hard.Yet on Monday, three days after the global malware attack was first detected, Sophos stock jumped more than 7 percent to set a record high and climbed further on Wednesday after the company raised its financial forecasts.As for most other cyber security firms, highly publicized cyber attacks are good for business, even though experts say such attacks underscore the industry’s failings.

For whatever reason, smartphones have caused people to let their guard down — and scammers are taking advantage of the fact that many people will open just any text or email they receive on their phone.But as these scams continue to evolve, criminals are still finding effective ways to target consumers using many of the same old tactics that have been around for a whole lot longer than smartphones.After a recent attack targeted Apple users via text message, scammers are now going after them in a different way.Read more: Massive data breach may have leaked your personal data from thousands of sites

According to a recent report, criminals are calling Apple iCloud users and claiming that their account has been hacked.The caller claims to be from Apple’s support team in an effort to trick unsuspecting victims into handing over access to their computer or account, according to Daily Beast senior editor Mochael Weiss, who received one of these calls himself recently.