3 Ways To Protect Your Identity Online

Apr 13, 2021 8:00:00 AM By James McQuiggan
Within security awareness training programs, cybersecurity experts promote various tactics and best practices to implement within personal and work environments to protect your identities ...
Continue Reading

The Three Best Things You Can Do To Improve Your Computer Security

Feb 9, 2021 7:48:35 AM By Roger Grimes
The three best things you can do to improve your computer security, bar anything, have been the same three things you should have already been doing for the entirety of computers. The top ...
Continue Reading

Thousands of Stolen Credentials Accessible via Google Search as Cybercriminals Accidentally Make Them Public

Jan 22, 2021 11:39:25 AM By Stu Sjouwerman
A publishing goof by cybercriminals on a WordPress site made files containing stolen passwords indexable by Google and were subsequently publicly available via search.
Continue Reading

Eye-Opening Password Predictions: Remote Work Will Increase Risk for Data Breaches

Dec 21, 2020 2:12:55 PM By Stu Sjouwerman
Ponemon's State of Password and Authentication Security Behaviors Report analyzes password and security behaviors over time with similar trends. We wanted to deep dive into the reports of ...
Continue Reading

Over Half of Users Admit to Reusing the Same Password on Multiple Accounts

Dec 17, 2020 3:50:39 PM By Stu Sjouwerman
New data reported earlier this year by Security Magazine shared a report from Secure OAuth that 53% of users reuse the same passwords on multiple accounts. Among those 44% admit to using ...
Continue Reading

The Most Common Password Frustrations

Nov 9, 2020 5:01:48 PM By Roger Grimes
We all know the well-worn adage to make our passwords long and complex. Sometimes trying to do so can be completely frustrating.
Continue Reading

6 Lessons I Learned from Hacking 130 MFA Solutions

Nov 5, 2020 2:16:43 PM By Roger Grimes
I was fortunate enough to write Wiley’s Hacking Multifactor Authentication. It’s nearly 600-pages dedicated to showing attacks against various multi-factor authentication (MFA) solutions ...
Continue Reading

WARNING: Americans’ Password Habits are Horrible, Putting Organizations at Risk

Nov 4, 2020 7:01:00 AM By Stu Sjouwerman
New data shows the average American uses short, uncomplicated, and often predictable passwords, practices which only increase the insecurity of corporate user accounts.
Continue Reading

Researchers Discover Most Microsoft 365 Admins Don't Enable Multi-Factor Authentication

Oct 27, 2020 12:31:02 PM By Stu Sjouwerman
Researchers from CoreView recently discovered that 97% of all total Microsoft 365 users do not utilize multi-factor authentication (MFA). A staggering 78% of Microsoft 365 admins do not ...
Continue Reading

[NEW BOOK] Hacking Multi-Factor Authentication

Oct 27, 2020 8:58:07 AM By Roger Grimes
I’m excited to announce the release of my 12th book, Hacking Multifactor Authentication.
Continue Reading

Cybersecurity Awareness Month Weekly Tip: Password Security

Oct 13, 2020 7:00:00 AM By Stu Sjouwerman
Each week during Cybersecurity Awareness Month, we’re going to be sharing in-depth weekly cybersecurity tips from our evangelists to help your users make smarter security decisions and ...
Continue Reading

The Pesky Password Problem: Policies That Help You Gain the Upper Hand on the Bad Guys

Oct 7, 2020 7:00:00 AM By Stu Sjouwerman
What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about ...
Continue Reading

[Heads Up] This Ingenious Worm Phishing Campaign Is A Game-Changer In Password Theft And Account Takeovers

Sep 30, 2020 9:52:30 AM By Stu Sjouwerman
A few days ago in a Medium blog post, Craig Hays, a cybersecurity architect and bug bounty hunter described a recent phishing new type of attempt which turned out to become "the greatest ...
Continue Reading

Which Users in Your Organization Put You at Risk?

Sep 24, 2020 7:00:00 AM By Stu Sjouwerman
October is National Cybersecurity Awareness Month, so it's a perfect time to fortify your human firewall. Start by identifying which users may be putting your organization at risk before ...
Continue Reading

Credential Stuffing to Stuff the Ballot Box

Sep 22, 2020 10:20:17 AM By Stu Sjouwerman
Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...
Continue Reading

Credential Stuffing Used Against Financial Services

Sep 21, 2020 8:27:15 AM By Stu Sjouwerman
A security alert from the FBI warns that hackers are launching credential-stuffing attacks against organizations in the financial sector, ZDNet reports.
Continue Reading

Credential Stuffing Attacks Shut Down Canada's Revenues Service

Aug 18, 2020 12:47:25 PM By Stu Sjouwerman
The Canada Revenue Agency is investigating two online hacking incidents affecting the personal information of thousands of Canadians, according to CBC News.
Continue Reading

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

Jul 29, 2020 11:34:04 AM By Stu Sjouwerman
A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code.
Continue Reading

Are Account Takeovers Driving Towards a Passwordless Future?

Jul 27, 2020 10:00:39 AM By Javvad Malik
The bad guys will try to take over accounts all the time. Logging onto someone's account with their credentials is usually a whole lot easier than trying to compromise the website ...
Continue Reading

Brand-New Tool: Browser Password Inspector Helps Find Risky Passwords Your Users Save in the Browser

Jul 22, 2020 7:00:00 AM By Stu Sjouwerman
Cybercriminals are always looking for easy ways to hack into your network and steal your users’ credentials. 
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews