Intelligent CISO Issue 24 | Page 25

threat updates UK Researchers at the University of York have shown that some commercial password managers (depending on the version) may not be a watertight way to ensure cybersecurity. After creating a malicious app to impersonate a legitimate Google app, they were able to fool two out of five of the password managers they tested into giving away a password. The research team found that some of the password managers used weak criteria for identifying an app and which username and password to suggest for autofill. This weakness allowed the researchers to impersonate a legitimate app simply by creating a rogue app with an identical name. GLOBAL Princess Cruises, the cruise liner forced to halt its global operations after two of its ships confirmed on-board outbreaks of Coronavirus (COVID-19), has now confirmed a data breach. The notice posted on its website, believed to have been posted in March, said the company detected unauthorised access to a number of its email accounts over four months between April and July 2019, some of which contained personal information on its employees, crew and guests. www.intelligentciso.com | Issue 24 25