password based security myths

Busting the Myths Surrounding Password-Based Security

People have been relying on password-based security for millennia. The Roman military reportedly used what they called “watchwords” to identify soldiers on patrol. Exclusive groups and guilds used secret passwords to prove membership. The phrase “open sesame” protected hidden treasure in the story of Ali Baba and the Forty Thieves. In more recent times, the world’s first computer passwords were installed …

threat landscape

How The Current Threat Landscape Impacts Authentication Security

Repercussions from the ongoing pandemic are still reverberating through workplaces all over the world. Businesses are racing to catch up with the changes they’ve had to make to accommodate remote workers, digitalization, and new cloud technologies. Many have let their cybersecurity practices fall to the wayside in a rush to evolve with the times. In a report by PwC, 64% …

Cybersecure

Cultivating a Cybersecure Culture at Work is Everyone’s Responsibility

Businesses often say that their people are their greatest asset. When it comes to cybersecurity, this statement is truer than you might think. A constantly shifting threat landscape means cybersecurity best practices should be on everyone’s mind, not just your CTO or CISO. When employees of all areas, from new hires to the executive suite, are equipped to understand and …

ransomware (1)

Reimagining Ransomware Responses

Planning, Protecting and Not Paying Your company is aware of the many attempts that hackers make every day to infiltrate organizations, steal data, and demand ransoms. Hacking methods seem to propagate rapidly, but ransomware has been making the headlines regularly in the past two years. Ransomware, a form of malware, accounted for about ten percent of the breaches collated in …

ransomware

To Pay Up or Not Pay Up

Investigating the repercussions of ransomware attacks The number of ransomware attacks and the frequency of institutions paying those ransomshas increased over the past years. Unfortunately, this hasn’t correlated with those institutions getting their data or systems back. So, should organizations stop paying ransoms? What is ransomware? Ransomware is a type of malware that encrypts the victim organization or individual’s data. …

RockYou2021

Demystifying RockYou2021

Unless you’ve been living under a rock, you’ve probably heard of the RockYou2021 breached password list. Many articles have been published about this incident and password lists associated with it. However, some reported information is misleading or downright wrong. Let’s dive into what the RockYou2021 list means for you and organizations worldwide. What is RockYou2021? For a quick recap, RockYou2021 …

pipeline

Lessons from the Colonial Pipeline Breach

One of the largest, most economically devastating ransomware attacks occurred less than a month ago, and details of the attack are starting to become clearer. So what was the catalyst for this attack? It was as simple as a compromised password. As initially reported by Bloomberg, DarkSide was able to breach Colonial Pipeline and inject ransomware, crippling their infrastructure and …

MFA 3

Mixing It Up – Defending Against a Blended MFA Attack

Most businesses employ multi-factor authentication (MFA) security measures to protect their systems and accounts. We’ve talked about the best ways to use MFA effectively and how important it is to protect each layer to keep the bad actors out while still granting your employees and users the access they require. Unfortunately, many businesses believe MFA is all they need to …