Blacklist Azure AD

The Risks Azure AD Password Protection Ignores: Compromised and Blacklisted

2022 is shaping up to be an extremely successful year for cybercriminals. Data breaches are accumulating in unprecedented numbers, putting more and more information in the hands of bad actors. Cyberattacks this year have hit big players like Cash App and the Red Cross, as well as smaller companies around the world. Even small data breaches have a part to …

Stolen Credentials

How Stolen Credentials and Ransomware are a Simultaneous Threat

Defending from Both Directions Over the past decade, the cyber landscape has evolved rapidly. But as Mike Wilson points out for Forbes, with every positive change or technological advancement comes several layers of cyber threat, as criminals continue to seek out weaknesses wherever they can.  Each year the Verizon DBIR provides an overall update on current threat trends and provides insight into who …

The Biggest Takeaway from the 2022 Verizon DBIR

The annual Verizon Data Breach Investigations Report (DBIR) contains several useful security insights. Reflecting on another year where cybersecurity attacks have frequently starred in news headlines, the 2022 DBIR confirms a lot of what professionals already know: cyber attacks continue to increase in frequency, and organizations of all sizes need to bolster their defensive postures in order to stay safe.  …

username & password

Username & Password Pairs: Why Banning Just Passwords Isn’t Enough

Password blacklists are receiving considerable attention. It’s clear why: weak and compromised passwords are a factor in nearly all hacking-related cybersecurity breaches. Best practices from NIST require organizations to disallow the use of any common and compromised passwords. And several cyber security companies offer password blacklists for this purpose. But authentication requires a username and password combination, so shouldn’t we …

IAM day

Time to Lock Down Identity Management Strategies

Updated Best Practices for 2022   Identity Management Day is a chance to bring attention and information about identity management to organizations of all kinds, especially as the digital landscape expands.   Presented by the Identity Defined Security Alliance and the National Cybersecurity Alliance (NCSA), it’s a much-needed opportunity to educate businesses and IT leaders on the importance of cybersecurity awareness and …

experian

Cyberdemic 2.0?

The 2022 Experian Data Breach Industry report covers the impact of breaches over the past year and turns an eye towards the upcoming months as well, forecasting implications for the continued barrage of cyberattacks.  The report covers trends in the digital landscape that have manifested due to natural disasters and gambling sites (leading to more phishing scams), as well as …