Below you'll find a list of all posts that have been categorized as “all posts”
Investigating the repercussions of ransomware attacks The number of ransomware attacks and the frequency of institutions paying those ransomshas increased over the past years. Unfortunately, this hasn’t correlated with those institutions getting their data or systems back. So, should organizations stop paying ransoms? What is ransomware? Ransomware is a type of malware that encrypts the victim organization or individual’s data. …
The education sector is a prime target for credential attacks and password reuse is rampant. So, we took some time to talk with one of our customers (a large private university) about how our solution has enabled them to shore up their defenses and reduce the risk from compromised credentials. Tell us about your situation. Higher education is similar to …
Data from the first quarter of 2021 showed an increased frequency of data breaches and compromised personal information. The annual report from the Identity Theft Resource Center (ITRC) indicates the number of individuals with some form of personal data leaked online increased by 546% from the last quarter of 2020 to the first of 2021. And no, that percentage is …
Every aspect of our lives is touched by the digital world and passwords are one of the most critical issues in cybersecurity. Internet users of all ages and abilities employ passwords without necessarily understanding the process. Why are they being asked to create passwords with specifications like capital letters and only certain symbols? It’s time for us all to visit …
Unless you’ve been living under a rock, you’ve probably heard of the RockYou2021 breached password list. Many articles have been published about this incident and password lists associated with it. However, some reported information is misleading or downright wrong. Let’s dive into what the RockYou2021 list means for you and organizations worldwide. What is RockYou2021? For a quick recap, RockYou2021 …
One of the largest, most economically devastating ransomware attacks occurred less than a month ago, and details of the attack are starting to become clearer. So what was the catalyst for this attack? It was as simple as a compromised password. As initially reported by Bloomberg, DarkSide was able to breach Colonial Pipeline and inject ransomware, crippling their infrastructure and …
Most businesses employ multi-factor authentication (MFA) security measures to protect their systems and accounts. We’ve talked about the best ways to use MFA effectively and how important it is to protect each layer to keep the bad actors out while still granting your employees and users the access they require. Unfortunately, many businesses believe MFA is all they need to …
For many organizations, password security comes down to simply implementing blocks on basic dictionary words from being used in the creation of a user’s password. This is not an effective way to secure passwords and may in fact make the creation of a secure password more difficult. There are many ways to improve password security that go beyond blocking dictionary …
When planning an organization’s security architecture, there has commonly been a focus on traditional approaches like managing firewalls and ensuring systems are patched. While these are critical components of any organization’s best security practices, there have been several key areas of security planning that have been overlooked. One such area of planning is the issue of password hygiene and account …
Multi-factor authentication (MFA) requires several elements in order to function as real security for your data systems. Each factor in a multi-factor system must be appropriately protected because malicious actors can take advantage of a weak link to dismantle your protection. In part one of our series on the vulnerabilities of multi-factor authentication, we talked about the social engineering tactics …
