Research, news and updates on threats and cybersecurity
Enable automated password policy enforcement with daily password auditing and customizable remediation. With compromised password detection, custom password dictionary, fuzzy matching with common character substitutions, and continuous ongoing monitoring; enterprises can easily adopt NIST password requirements and eliminate vulnerable passwords in Active Directory. Organizations can adopt NIST password standards to screen for weak, commonly-used, expected, and compromised passwords. Then they …
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
Organizations using Active Directory must update their password policies to block and detect compromised passwords, but comparing password monitoring vendors in this area can sometimes be challenging. Often, organizations are not sure how to compare vendors and are not sure what questions should be asked when working with password monitoring vendors. By asking the right questions, you can pick the …
Connected devices are becoming increasingly prevalent in the home, at the office, and everywhere in between. With 2020 widely predicted to see the arrival of mainstream 5G adoption, we can only expect the popularity of smart IoT products to grow. While the IoT certainly brings a number of efficiencies and conveniences, it also can represent a significant security vulnerability. As …
In early September 2019, the DLA Internet Bid Board System (DIBBS) implemented new password requirements in line with the updated Department of Defence (DoD) security requirements. As a portal for contractors to submit quotes and proposals to the Defence Logistics Agency (DLA), DIBBS is home to potentially sensitive information that must be protected with robust cybersecurity measures. The September 2019 …
According to an IDC report, global digital transformation spending reached $1.8 trillion in 2019—up nearly 18% from 2018. What’s more, the firm expects digital transformation investments to total more than $6 trillion over the next for years, with the study’s authors noting, “Digital transformation is quickly becoming the largest driver of new technology investments and projects among businesses.” But how …
Cybersecurity isn’t always a battle to keep hackers out at all costs. Sometimes it’s actually about making the costs just not worth the effort. This is particularly true when it comes to how passwords are stored on your server. Let’s take a look at how to make it more unreasonably costly to the hacker who just compromised the server that …
National Institute of Standards and Technology (NIST) has been substantially revising its password guidelines since 2017. Previous recommendations have been changed, including combining symbols, letters, and numeric to create complex passwords; changing passwords frequently; or requiring users to generate passwords of a specified length. The changes address findings from NIST related to the human factors that cause users to create …
Password audits have become more difficult. New data breaches expose credentials every day. These are quickly fed into hackers’ cracking dictionaries, changing which passwords you need to keep out. Verizon’s DBIR found 81% of data breaches were caused by compromised, weak, and reused passwords. Traditional algorithmic complexity rules are no longer considered a key factor in password strength. NIST password …
Today is World Password Day and despite proclamations that passwords are going the way of the Dodo, they are still a fundamental part of our digital lives. However, they remain a weak link in our approach to cybersecurity and it’s time for us all to rethink how we create and use passwords to protect our identities from cybercriminals. So, we …
Today is World Password Day and organizations are unfortunately still reliant on archaic password strategies that put the onus on users to create and remember numerous complex and constantly changing password strings. It’s no wonder that this approach is an abject failure. Enterprises need to take steps to address the password problem and ensure that only strong, unique and uncompromised …
Recent research from Enterprise Management Associates (EMA) found that a staggering 60% of organizations have experienced a security breach in the past year. Digging into the details, the leading source of breaches (24.4%) was once again due to compromised user passwords. The findings also highlighted that a further 16.1% of breaches were down to a user sharing credentials with an …
