Cybersecurity Awareness Month Weekly Tip: Password Security

Oct 13, 2020 7:00:00 AM By Stu Sjouwerman

Each week during Cybersecurity Awareness Month, we’re going to be sharing in-depth weekly cybersecurity tips from our evangelists to help your users make smarter security decisions and ...

The Pesky Password Problem: Policies That Help You Gain the Upper Hand on the Bad Guys

Oct 7, 2020 7:00:00 AM By Stu Sjouwerman

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about ...

Which Users in Your Organization Put You at Risk?

Sep 24, 2020 7:00:00 AM By Stu Sjouwerman

October is National Cybersecurity Awareness Month, so it's a perfect time to fortify your human firewall. Start by identifying which users may be putting your organization at risk before ...

Credential Stuffing to Stuff the Ballot Box

Sep 22, 2020 10:20:17 AM By Stu Sjouwerman

Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...

Credential Stuffing Used Against Financial Services

Sep 21, 2020 8:27:15 AM By Stu Sjouwerman

A security alert from the FBI warns that hackers are launching credential-stuffing attacks against organizations in the financial sector, ZDNet reports.

Credential Stuffing Attacks Shut Down Canada's Revenues Service

Aug 18, 2020 12:47:25 PM By Stu Sjouwerman

The Canada Revenue Agency is investigating two online hacking incidents affecting the personal information of thousands of Canadians, according to CBC News.

Are Account Takeovers Driving Towards a Passwordless Future?

Jul 27, 2020 10:00:39 AM By Javvad Malik

The bad guys will try to take over accounts all the time. Logging onto someone's account with their credentials is usually a whole lot easier than trying to compromise the website ...

More Than 15 Billion Credentials Are For Sale in Criminal Markets

Jul 8, 2020 3:50:09 PM By Stu Sjouwerman

Researchers at Digital Shadows warn that there are more than 15 billion leaked login credentials for sale in online criminal marketplaces. This number is up 300% since 2018, and the ...

Multifactor Authentication Versus Credential Stuffing?

Jun 11, 2020 12:51:34 PM By Stu Sjouwerman

You shouldn’t assume multi-factor authentication will protect your accounts from credential stuffing attacks, according to Gerhard Giese at Akamai. Credential stuffing is a type of ...

Remote Work Isn’t Good for Corporate Security (Part 2): 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

Jun 4, 2020 8:24:05 AM By Stu Sjouwerman

Lots of new data is now just coming out of the woodwork demonstrating some of the harsh realities of having employees work from home without proper security in place.

It's World Password Day 2020 - Is Your Organization Safe?

May 7, 2020 8:22:37 AM By Stu Sjouwerman

Today is World Password Day, a holiday created by Intel on the first Thursday of May to ensure everyone knows password best practices. “P@ssW0rd” has never been a safe password to use to ...

What is the Right Password Policy?

May 7, 2020 8:15:00 AM By Roger Grimes

What is the right password policy? Conventional password policies say you must have a password at least 8-12 characters long…16 characters or longer if it belongs to an elevated ...

Q&A With Data-Driven Evangelist Roger Grimes on the Great Password Debate

May 6, 2020 10:03:21 AM By Roger Grimes

I get asked a lot about password policy during my travels around the globe giving presentations and from people who email after webinars. Many of the questions are the same and I’ve ...

Anti-Virus, Identity Protection Phishbait

Mar 5, 2020 8:29:19 AM By Stu Sjouwerman

A phishing campaign is using fake NortonLifelock documents to trick victims into installing a remote access tool, according to researchers at Palo Alto Networks’ Unit 42. The documents ...

Most Organizations Stick to Legacy Password Security Practices Despite Experiencing Cyberattacks

Feb 21, 2020 8:24:51 AM By Stu Sjouwerman

In a surprising twist, new data sheds light on the lack of proper security around passwords and authentication by IT at a time when cyberattacks are all but an absolute given.

U.K. Report: "We’re Doomed-Passwords Aren’t Strong or Secure"

Jan 20, 2020 12:12:34 PM By Stu Sjouwerman

A recent survey of over 2,000 U.K. broadband users shows that individuals don’t use good password hygiene or secure storage to protect themselves against future cyberattacks.

New Office 365 Phishing Attack Targets OAuth Apps Instead of Credentials

Jan 9, 2020 8:43:14 AM By Stu Sjouwerman

Trying to steal your username and password is so “yesterday.” The 2020 Hacker is now leveraging Office 365 OAuth APIs to gain control over user mailboxes with phishing tactics.

Dancing with Hackers

Dec 19, 2019 9:25:11 AM By Javvad Malik

Dancing with the Stars pro Witney Carson announced on Twitter that her Facebook account had been hacked. Unknown miscreants gained control of Carson’s Facebook through a unique phishing ...

Take the Free Weak Password Test and Enter to Win a Stormtrooper Helmet!

Dec 18, 2019 9:30:00 AM By Stu Sjouwerman

Are your users' passwords…P@ssw0rd? Verizon's Data Breach Report showed that 81% of hacking-related phishing attacks used either stolen and/or weak passwords. Employees are the weakest ...

Have Your Users Been Exposed in the 8.5 Billion Breached Records This Year?

Dec 10, 2019 9:00:00 AM By Stu Sjouwerman

Data breaches are getting bigger, the bad guys are getting more cunning, and the amount of compromised data is unfortunately continuing to rise. According to RiskBased Security, breach ...

Security Awareness Training Blog

View Topics

Cybersecurity Awareness Month Weekly Tip: Password Security

The Pesky Password Problem: Policies That Help You Gain the Upper Hand on the Bad Guys

Which Users in Your Organization Put You at Risk?

Credential Stuffing to Stuff the Ballot Box

Credential Stuffing Used Against Financial Services

Credential Stuffing Attacks Shut Down Canada's Revenues Service

Are Account Takeovers Driving Towards a Passwordless Future?

More Than 15 Billion Credentials Are For Sale in Criminal Markets

Multifactor Authentication Versus Credential Stuffing?

Remote Work Isn’t Good for Corporate Security (Part 2): 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

It's World Password Day 2020 - Is Your Organization Safe?

What is the Right Password Policy?

Q&A With Data-Driven Evangelist Roger Grimes on the Great Password Debate

Anti-Virus, Identity Protection Phishbait

Most Organizations Stick to Legacy Password Security Practices Despite Experiencing Cyberattacks

U.K. Report: "We’re Doomed-Passwords Aren’t Strong or Secure"

New Office 365 Phishing Attack Targets OAuth Apps Instead of Credentials

Dancing with Hackers

Take the Free Weak Password Test and Enter to Win a Stormtrooper Helmet!

Have Your Users Been Exposed in the 8.5 Billion Breached Records This Year?

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search