Don’t Fall Victim to Breach Fatigue

People shouldn’t let news of data breaches dissuade them from trying to protect their information, according to security researcher Ray [REDACTED]. On the CyberWire’s Hacking Human ...
Continue Reading

What Footballers Wives Can Teach Us About Cybersecurity

Professional football (soccer for my American friends) is big around the world. The English Premier League is among the top in the world, attracting some of the best players, generating ...
Continue Reading

More Than 2.2 Billion Stolen Account Credentials Have Been Made Available on the Dark Web

2019 is looking to be the year of the “data dump”, with more exposed records than any other year, empowering further credential stuffing attacks, according to McAfee.
Continue Reading

18 Months, 61 Billion Credential-Stuffing Attacks

Akamai observed 61 billion credential stuffing attacks between January 2018 and June 2019, according to Computer Business Review. In a new report on Internet security, Akamai researchers ...
Continue Reading

Microsoft Kills Password Expiration Policy Recommendation with Latest Security Baseline for Windows 10

This change from Microsoft highlights the need for organizations to readdress the user-based insecurity of passwords caused by password expirations.
Continue Reading

Biometrics Can’t Replace Passwords: A Cybercriminal's Dream

In the quest to create a more secure environment, new ways to authenticate that replace the password are being sought. But it’s looking like passwords are here to stay.
Continue Reading

A Case of Password Spraying

Citrix last month confirmed the FBI’s suspicions that hackers had used a technique known as “password spraying” to compromise the company’s networks before stealing a massive amount of ...
Continue Reading

How Your Users Can Fall Victim To Credential Stuffing Attacks

Credential stuffing attacks are extremely easy to carry out and offer a massive return on investment, according to a new report by researchers at Recorded Future. These attacks utilize ...
Continue Reading

Passwords and Their Encryption Are Easy Prey for Cyber Criminals in Account Takeover Attacks

Passwords serve as the foundation for most security today. But security vendor SpyCloud have recovered over 3.5 billion credentials, demonstrating just how insecure they really are.
Continue Reading

Hackers take over Tampa Mayor Bob Buckhorn's Twitter account, make bomb threat at Tampa Airport

TAMPA, Fla. (WFLA) - Tampa police are investigating a bomb threat made against Tampa International Airport after hackers took over Tampa Mayor Bob Buckhorn’s Twitter account Thursday ...
Continue Reading

8-Character Windows NTLM Passwords Can Be Cracked In Under 2.5 Hours

BeauHD posted in Slashdot: "HashCat, an open-source password recovery tool, can now crack an eight-character Windows NTLM password hash in less than 2.5 hours. "Current password cracking ...
Continue Reading

A Hacker’s Dream: Half of IT Admins Reuse Passwords Across Multiple Accounts

The most recent report from Ponemon shows how IT’s lack of password management is wildly misaligned with the organizations supposed concern for protecting data.
Continue Reading

Brand-New Tool: Password Exposure Test Identifies Risky Users

The bad guys are constantly coming out with new ways to hack into your network and steal your organization’s confidential information.
Continue Reading

Easy Hacker Targets: Bad Password, IoT Devices, and no 2FA. Let's Make It Harder In 2019!

Without proper security controls, compromising an IoT device is easy work for hackers, giving them access to potentially more than just the device. Let's make it harder for them in 2019!
Continue Reading

Kanye West Tops Dashlane’s List of 2018’s “Worst Password Offenders”

  Dashlane today announced its third annual list of the “Worst Password Offenders.” The list highlights the high-profile individuals and organizations that had the most significant ...
Continue Reading

75% of users reuse passwords across different accounts – this is up from 56% in 2014!

We’ve always known users are the weakest link in your security chain, but new report data from SailPoint shows just how bad users are behaving in 2018 – and how it affects security.
Continue Reading

The Pesky Password Problem: Battle of the Red and Blue Team featuring Kevin Mitnick [On-Demand Webinar]

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about ...
Continue Reading

212 Million Exposed Contacts Would Be a Scammer’s Dream

A recent discovery of exposed data on a web-facing server owned by data aggregator and analytics provider Apollo demonstrates how data breaches empower scammers.
Continue Reading

Users Sharing Passwords Put Organizations at Higher Risk

Cybercriminals thrive on misuse of credentials, and users sharing them only makes the criminal’s job easier. The latest report from LastPass shows password sharing is rampant.
Continue Reading

WSJ: "Forget Passwords. It’s Time for Passphrases."

Mr. Henry Williams is a deputy editor for The Wall Street Journal in New York, and he reported on something we just also recommended. Here is an excerpt with a link to the full article at ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews