Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Enigma Hacked Before ICO Date -- CEO Had Not Changed A Compromised Password

Wherever there’s a lot of money to be made, cyber thieves are not far behind. Think sharks surrounding a bait ball.

Enigma is a financial data marketplace founded by a team from MIT, which is set to launch its Initial Coin Offering (ICO) on September 11, 2017. It has a community of 9,000 users who joined its mailing list, social accounts, and Slack tool to keep up with its offering and stay up to date after the ICO.

Survey of 2600 IT Pros: "Password Procedures Still Are A Cyber Security Fail"


After the NIST passwords bombshell, we surveyed 2,600 IT professionals to find out how they were managing passwords. The answers show that IT Pros are generally receptive to the proposed pass phrase concept suggested by NIST.

NIST Special Publication 800-63B, “Digital Identity Guidelines,” states: “Many attacks associated with the use of passwords are not affected by password complexity and length. Keystroke logging, phishing, and social engineering attacks are equally effective on lengthy, complex passwords as simple ones. This means that password complexity has failed in practice.” Verizon's latest Data Breach Report showed that 81% of hacking-related breaches used stolen and/or weak passwords, supporting the NIST conclusion.

This password bombshell will make you scratch your head...

OK, this is a headscratcher. This is why we were surprised. I found it in a Wall Street Journal article today (paywall).

Bill Burr, the author of “NIST Special Publication 800-63. Appendix A.” which covers “traditional” password complexity requirements, has said that password complexity has failed in practice.

Whoa Nellie.
