Password manager vendor releases new credential security and support service features, along with a new low-cost option for small businesses. Credit: Matejmo / Getty Images Password manager vendor Dashlane has announced updates to its suite of enterprise offerings. These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses. The firm has also introduced new live phone support service whereby users can request and book a call directly with Dashlane’s support team.Breached employee credentials on dark web pose significant threat to businessesIn a press release, Dashlane stated that its new Dark Web Insights tool “continuously scans” more than 20 billion records attached to hacks or data breaches on the dark web, providing users with a bespoke breakdown of compromised passwords across their organization. Dark Web Insights also provides admins the ability to scan their organization for incidences of breached credentials and invite non-Dashlane using, breached employees to begin using Dashlane through built-in seat provisioning. The firm said that, by pairing this alert function with the ability to generate new, random, and unique passwords, admins can take action quickly once alerted about compromised credentials.Heather Hankins, security specialist at the National Educational Telecommunications Association, said that it is useful for security teams to know if and when employees have suffered a credential breach. “That way, when you help them deal with [a breach], you’re also training them, and giving them valuable security advice to help prevent this in the future.” A recent report from Searchlight Security detailed a case study of how employees’ credentials can be exposed on the dark web and how dark web monitoring can help protect organizations by pre-empting attacks. According to Executives Under Threat 2022, the vendor performed a dark web search of data attributes belonging to specific employees of a large US healthcare organization. Despite finding no evidence that the organization had suffered an attack, its search detected several data points linked to an individual employee, including business and personal email addresses, contact numbers, their spouse’s vehicle registration as well as their children’s phone numbers and their home address. By uncovering this information, the organization’s security team was able to implement a more proactive security posture and address the potential threat of a targeted attack on the executive or their family, which could impact the business itself. Dashlane Authenticator app launched amid rise of MFA fatigue attacksIn addition to dark web monitoring, Dashlane has announced a standalone authenticator app to provide a simple way to enable MFA for any compatible accounts. Available on iOS and Android devices, Dashlane Authenticator has been designed as a counterpart to the Dashlane Password Manager app, making 2FA token autofill seamless for vault items and allowing for secure sharing of both passwords and 2FA codes, the firm stated.While MFA is often touted as a vital security feature, recent high-profile breaches suggest it is certainly not a security panacea, with attackers finding ways around it. Attacks on Uber and Twilio have highlighted a rise in MFA Fatigue campaigns, whereby cybercriminals spam an employee whose credentials have been compromised with MFA authorization requests until they become annoyed and approve the request, grating the attacker access. It’s a simple yet effective technique that relies on a user’s lack of training and understanding of the attack vector. Furthermore, smaller businesses and entrepreneurs can now opt for Dashlane’s new Starter option, a low cost plan for teams of up to 10 individuals priced at $20 per month, while the firm’s new live phone support service is now available to Business, Team, and Starter plan users alike, it stated. Live chat support is available in English, French and German, Dashlane added. Related content news Repeated cyberattacks on court systems raise security concerns for the US Court systems form crucial national infrastructure and therefore a nation-state angle cannot be completely ruled out in the recent surge in attacks. By Shweta Sharma May 29, 2024 9 mins Ransomware Cyberattacks opinion Cybersecurity at a crossroads: Time to shift to an architectural approach The need for greater scale, intelligence, and automation is driving massive change in security operations and the SIEM market. By Jon Oltsik May 29, 2024 8 mins Security Operations Center Security Practices Security Software news US healthcare agency to invest $50M in threat detection tools that predict attackers’ next moves The Advanced Research Projects Agency for Health is seeking proposals that go beyond detecting and analyzing healthcare attacks to trying to determine what attackers will try next. By Evan Schuman May 28, 2024 5 mins Government IT Healthcare Industry Threat and Vulnerability Management news Data leak exposes personal data of Indian military and police Data included facial scans, fingerprints, identifying marks such as tattoos or scars, and documents such as birth certificates and employment records. By Prasanth Aby Thomas May 28, 2024 4 mins Data Breach PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe