Research, news and updates on threats and cybersecurity
Enable automated password policy enforcement with daily password auditing and customizable remediation. With compromised password detection, custom password dictionary, fuzzy matching with common character substitutions, and continuous ongoing monitoring; enterprises can easily adopt NIST password requirements and eliminate vulnerable passwords in Active Directory. Organizations can adopt NIST password standards to screen for weak, commonly-used, expected, and compromised passwords. Then they …
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
Unless you’ve been living under a rock, you’ve probably heard of the RockYou2021 breached password list. Many articles have been published about this incident and password lists associated with it. However, some reported information is misleading or downright wrong. Let’s dive into what the RockYou2021 list means for you and organizations worldwide. What is RockYou2021? For a quick recap, RockYou2021 …
One of the largest, most economically devastating ransomware attacks occurred less than a month ago, and details of the attack are starting to become clearer. So what was the catalyst for this attack? It was as simple as a compromised password. As initially reported by Bloomberg, DarkSide was able to breach Colonial Pipeline and inject ransomware, crippling their infrastructure and …
Most businesses employ multi-factor authentication (MFA) security measures to protect their systems and accounts. We’ve talked about the best ways to use MFA effectively and how important it is to protect each layer to keep the bad actors out while still granting your employees and users the access they require. Unfortunately, many businesses believe MFA is all they need to …
For many organizations, password security comes down to simply implementing blocks on basic dictionary words from being used in the creation of a user’s password. This is not an effective way to secure passwords and may in fact make the creation of a secure password more difficult. There are many ways to improve password security that go beyond blocking dictionary …
When planning an organization’s security architecture, there has commonly been a focus on traditional approaches like managing firewalls and ensuring systems are patched. While these are critical components of any organization’s best security practices, there have been several key areas of security planning that have been overlooked. One such area of planning is the issue of password hygiene and account …
Multi-factor authentication (MFA) requires several elements in order to function as real security for your data systems. Each factor in a multi-factor system must be appropriately protected because malicious actors can take advantage of a weak link to dismantle your protection. In part one of our series on the vulnerabilities of multi-factor authentication, we talked about the social engineering tactics …
Reports, op-eds, and documentaries point out that many 2020 pandemic-prompted changes are likely here to stay. From contactless takeout food delivery to the widespread adoption of virtual meetings, the disruption of COVID caused many technological and digital shifts for organizations. According to recent information from PWC, which surveyed businesses cross-industry, CEOs plan to make their companies more digital and virtual. …
Our digital world is reliant on passwords and will be for a long time. As the pandemic forced almost all aspects of life online, protecting privacy and staying safe on the web has become a time-sensitive and growing issue. Passwords have a terrible reputation as the weak link in our approach to cybersecurity in many areas. However, the reality is …
All Hands on Deck The average person is familiar with the idea of security systems at large organizations: key cards, security guards, and ID badges. Similarly, we have a grasp on some small-scale home security: motion-detecting lights, home cameras, and our physical locks and keys. What we haven’t come to terms with is that the digital landscape. It isn’t the …
Over the last few years, Multi-Factor Authentication (MFA) use has become more common across industries. Having MFA associated with your phone number feels comforting, but it’s also plagued by hackers looking for new methods of attack. If you are holding your phone, is it safe to get a text with a confirmation code sent to your device? Hackers have ways …
