How to prevent a video call hack.  How to switch password managers.

Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.

Accessed on 23 February 2022, 0324 UTC.

Content supplied by “PCMag Security Watch.”


Please click link or scroll down to read your selections.

Trouble viewing this email? View in a browser
How to Prevent Hacks in Microsoft Teams Meetings
Early in the pandemic, when working from home was novel for many and video conferencing calls were new, zoom-bombingstarted to become a problem for businesses and schools. There was no telling when a prankster may show up, possibly in a state of undress or spewing obscenities, to ruin a call in progress. 

These days, zoom-bombers have more nefarious plans. According to email security provider Avanan, hackers are infiltrating Microsoft Teams meetings and dropping links to malware in the chat. The hackers may be getting into the meetings after compromising email accounts belonging to employees. Avanan, owned by security firm Check Point Software, warns hackers could be stealing login credentials for Microsoft 365 through email phishing campaigns.  

Once the hacker gets into a meeting, they drop a malicious executable file masquerading as a legitimate program called “User Centric.” If anyone downloads and installs the file, the Trojan program drops malicious DLL files, allowing the hacker to hijack the system from afar.

How can you prevent a hack attempt during your Microsoft Teams video calls? The following three tips will help.

1. Get verbal confirmation. 
If someone drops a link into the chat, ask about the link’s purpose before you click it. Hackers can impersonate your coworkers by stealing their login credentials, so you can never be too careful about what you download.

2. Install antivirus software and keep it running. 
Microsoft Teams has built-in antivirus detection with Microsoft 365, but Avanan claims the scanning has been slow to identify real-time attacks.

3. Protect your logins with a password manager.
Stop using the same login credentials all over the web. Use a password manager to create and store unique and strong passwords for work and personal browsing.

Get this from a friend? Get it delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.

Switching to a New Password Manager

If your password manager doesn’t have all the features you want or need, it’s time to make a switch. Luckily, most password managers offer free trials of their premium tiers, so you can bounce around between services before finding the one that’s right for you.

The best password manager is one that’s easy to use, so you don’t go back to storing your credentials on sticky notes, or worse, using the same passwords for every login around the web. Finding your perfect password manager may take some trial and error, but luckily switching is easy.

How to Export and Import Your Current Passwords

If you’re ready to switch from one password manager to another, the easiest way is to export your credentials from your current password manager to a file on your computer that you import into your new password manager.


Many services allow you to save the file with the service’s special file name. The service may allow you to export login information such as usernames and passwords via a CSV file, too.


After you’ve saved your old passwords to your computer, install the new password manager. During the setup process, the password manager will ask if you want to import your current password information, which is where your new files come in. Import either the specialized file or the CSV file to the new password manager, and you’re ready to go!

While exporting and importing is often the simplest method, there are other ways to switch password managers you can try if this one doesn’t work for you. 

Stay safe,

Kim Key
PCMag Security Analyst

What Else Is Happening in the Security World This Week?

OpenSea Investigates High-Profile NFT Thefts. The company is still trying to determine how the NFTs were stolen.

US Accuses Russia of Launching DDoS Attacks to Destabilize Ukraine. The US says it observed technical evidence linking this week’s attacks on Ukrainian banks to a Russian military intelligence service.

Do I Need a VPN at Home? Staying in is the most effective way to protect yourself during the pandemic, and that means a lot more time online at home. A VPN can help secure that critical connection.

US Accuses Russian Hackers of Stealing Sensitive Defense Data From Contractors. US officials say Russian hackers have stolen data pertaining to US weapons and aircraft development, sometimes by targeting corporate users of Microsoft 365.

Trump’s Truth Social Can Only Make Mastodon Stronger. The Trump-backed Twitter lookalike just launched earlier this week, and for better or worse, it will draw more attention than ever to the social network.

If you buy something from our links, we may get a commission from the sale. Learn more here.
Up to $400 off Surface Devices & PCs, First Month of PC Game Pass for $1
What to Do When You’ve Been Hacked

FBI: Don’t Fall for This Money-Transfer Video-Chat Scam

Google Patches Actively Exploited Chrome Zero-Day Vulnerability

Data Protection Watchdog: The EU Should Ban Pegasus and Other Spyware

QNAP to Release Security Updates for Select ‘End of Life’ Devices

Want more deals like these delivered to your inbox?
Dell Presidents Day Sale New Doorbuster Deals, RTX 3060 PCs starting $999.99 & More
 See All Deals  

Dolby Vision Model 65″ Amazon Fire TV Omni Series 4K HDR 10 Smart TV
$829.99 $499.99  

512GB Samsung EVO Select + Adapter microSDXC Memory Card (up to 130MB/s transfer speeds)
$79.99 $59.99  

Gateway Creator 17.3″ 120Hz 1080p Intel Core i7-11880H + NVIDIA RTX 3050 Ti Laptop w/ 1TB SSD, 16GB RAM
$1,299.00 $999.00  

NVIDIA RTX 3060 Dell XPS 8940 Special Edition Intel Core i5-11400 Gaming Desktop
$1,449.99 $999.99  

All product and deal information such as discount, price and availability are believed to be accurate as of the time of publication. Please verify these details with the merchant site and check the merchant’s terms and conditions before you buy. Publisher is not responsible for errors or omissions.

For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.

Thanks for joining us today.

Russ Roberts (machine learning, artificial intelligence, IoT, and information security)