Cyberattacks continue to have a massive economic impact on local and state branches of governments across the U.S. When sectors of government are breached, the credibility of their institutions is jeopardized, leading to a negative cycle of resource allocation. When focusing on municipalities, it’s particularly easy to see how detrimental the impact can be. A Perfect Target Municipalities are ideal …
Password Spraying: How Common Passwords Threaten Your Organization
When hackers target your organization with a password spraying attack, hackers are betting that one (or more) of your employees is logging in with a commonly used password. Threat actors adopt this attack method because it can be done slowly enough to avoid account lockouts. This is just one type of password attack that could hit your organization, and cyber …
Throwing Light on the Dark Web
As recent reviews have shown, upwards of 80% of hacking-related attacks involve compromised credentials. Threat actors can target individuals and companies through many different types of cyber attacks, but where does their information come from in the first place? It’s easy to find lists of usernames and passwords, sometimes for free, but more often for sale online. In fact, according …
From Paper to Passwords: Digitizing the Voting Process
2020 has introduced many unique circumstances. It’s shown us that there’s not a lot that can’t be done online, from school to therapy. The usefulness of the digital age has never been more salient. The recent chaos of holding an American presidential election during a pandemic has shone a light on just how beneficial digital voting could be, as well. …
From Stolen Credentials to Full Network Compromise
How Hackers Are Actually Using Exposed Passwords to Infiltrate Active Directory Recent reports like the Verizon DBIR have noted that stolen credentials are often the foothold that attackers use to compromise networks and systems. A simple phishing or credential stuffing attack becomes the entry point for a much larger enterprise, like data theft, ransomware, or system hijacking. This is rather …
Credential Vulnerabilities Most Likely Breach Culprit: Verizon DBIR
According to Verizon’s recently released 2020 Data Breach Investigations Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials. We analyzed the findings and uncovered some additional data points that underscore how pervasive and detrimental poor password practices are to businesses today. Looking at the DBIR data in detail, approximately 35% of all breaches were …
Specialized Threat Intelligence: Breach Data to Defensive Solution
Fraud and account take-over cost companies billions of dollars every year. Many of these successful attacks are the result of credential stuffing, a vulnerability created by users’ reuse of passwords across systems and websites. Because of the risk of exposed passwords, the US-based National Institute of Standards and Guidelines (NIST) recommends screening accounts against lists of commonly-used and compromised credentials, …
The CapitalOne Cyber Security Incident
Capital One Financial Corporation just disclosed a cyber security incident that impacts about 100 million people in the U.S. and 6 million in Canada. The customer data was illegally accessed sometime between March 12 and July 17, according to federal prosecutors. According to CapitalOne’s site, the largest category of information that was accessed was from consumers and small businesses that applied …
Facebook Password Security Fail
Facebook is facing scrutiny once again today by disclosing that it accidentally stores “hundreds of millions” user passwords in plaintext. To make matters worse, 20,000 Facebook employees had access to view these passwords. Instagram users are also impacted by this massive oversight. There are so many things wrong here. In the day and age, obviously no company or organization should …
Massive Equifax Data Breach Puts Consumers at Risk for Identity Theft and Compromised Accounts
With rapid rate of evolution within technology, why are we still using passwords? The answer lies in the simple, positive attributes of passwords that are not found in other authentication methods: affordable, easy to replace, universally compatibility, privacy safe and no false positive. This closer look highlights the gaps in other methods that will make it hard to get past the password.
- Page 1 of 2
- 1
- 2