How School Districts can defend themselves from increased cyberattacks. While there are changes for each generation of students to experience, it’s safe to say that the impact of the pandemic on the scholastic world in 2020 was dramatic and immediate. The transition from in-person classes to web-based learning was startling for everyone, but especially K-12 students because of the rigid …
Developing Active Defense from Password Spraying & Credential Stuffing
Microsoft Active Directory (AD) is ubiquitous across the corporate landscape; you probably use it to authorize access at almost every level. Due to its popularity and importance, AD is a perfect target for cyber attacks. Hackers frequently use password spraying and credential stuffing as attack methods, especially against AD. With many traditional password ‘best practices’ being outdated, are you prepared …
Eight Rules for Effective Password Protection
In the current business landscape, the largest threat to an organization is a data breach. Data breaches end up costing businesses a significant amount of lost time and revenue and can lead to a loss in consumer confidence for the business as well. So then, what is the largest reason leading to a data breach? According to Verizon’s annual report, …
Password Spraying: How Common Passwords Threaten Your Organization
When hackers target your organization with a password spraying attack, hackers are betting that one (or more) of your employees is logging in with a commonly used password. Threat actors adopt this attack method because it can be done slowly enough to avoid account lockouts. This is just one type of password attack that could hit your organization, and cyber …
Pride and Passwords: Top Hacking Methods & How to Prevent Them
Cybersecurity is becoming a pressing issue for IT professionals in all fields. There are headlines every week about data breaches of all sizes and the attacks themselves come from many angles. This article details the password attack methods hackers frequently used against enterprises and provides solutions as to how your business can prevent damage or breaches. 1. Dictionary Attacks A …
A Benchmark for Your Unsafe Passwords
News and warnings about data breaches and leaks abound at the moment, emphasizing the need for increased cybersecurity regardless of the industry. Microsoft’s Active Directory is often the perfect target for bad actors seeking to abuse compromised credentials. Despite the frequency of compromised credentials being the cause of data breaches, most organizations do not know whether their users’ passwords are safe. …
Password Blacklists: Applying the Goldilocks Principle
One of the most effective ways to increase the strength of your network’s security is to screen users’ passwords against a list of dictionary passwords and known compromised passwords. Password vulnerabilities remain a major entry point for hackers. Over the last few years, password policy has evolved in significant ways. NIST password guidelines now indicate that using a password blacklist …
Seven Active Directory Security Tips from The Experts
Microsoft Active Directory (AD) allows IT administrators to manage users, data, and applications within their organization’s network. Due to its popularity and importance within companies, AD is a perfect target for ‘bad actors.’ We’ve most likely all seen the massive increase in data breaches over the past few years. There are many attack vectors out there, but compromised credentials are …
How CJIS Evolved Password Policy Requirements
The Criminal Justice Information Services (CJIS) is the largest division of the FBI. They’re a hub of state-of-the-art tools and services for law enforcement, national security community partners, and the general public. The CJIS Security Policy is regularly updated to evolving industry best practices. Their June 2019 update introduced a new policy option for passwords. This option made it easier …
A Tale of Two Password Protection Approaches
Static Vs. Dynamic Hardly a day goes by without news of passwords being exposed in a third-party data breach. Once leaked, these credentials are easily available to other hackers via the Dark Web and, thanks to the rampant problem of password reuse, there are a variety of effective attack methods that allow hackers to obtain access to additional organizations’ systems …