Archive for the ‘Password Security’ Category

Cracking Password Protected ZIP, RAR & PDF using Zydra

Having confidential documents on a system, like a pdf of financial data or a zip including personal images and videos, ensure they’re password-protected so nobody else can access them. Encrypting documents with a password provides security that although the device is under attack, the attackers would be unable to view files while on the system. Even so, […]

Leave a Comment

Windows “HiveNightmare” bug could leak passwords – here’s what to do!

Windows “hives” contain registry data, some of it secret. The nightmare is that these files aren’t properly protected against snooping. As if one Windows Nightmare dogging all our printers were not enough… …here’s another bug, disclosed by Microsoft on 2021-07-20, that could expose critical secrets from the Windows registry. Denoted CVE-2021-36934, this one has variously been nicknamed HiveNightmare and SeriousSAM. […]

Leave a Comment

Vulnerability in the Kaspersky Password Manager

Stupid programming mistake, or intentional backdoor?

Leave a Comment

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

What seems to be the largest password collection of all time has been leaked on a popular hacker forum. A forum user posted a massive 100GB TXT file that contains 8.4 billion entries of passwords, which have presumably been combined from previous data leaks and breaches.  According to the post author, all passwords included in […]

Leave a Comment

How to hack into 5500 accounts… just using “credential stuffing”

We all ought to know by now that passwords that are easy to guess will get guessed. We recently reminded ourselves of that by guessing, by hand, 17 of the top 20 passwords in the Have I Been Pwned (HIBP) Pwned Passwords database in under two minutes. We tried the 10 all-digit sequences 1, 12, 123 and so on up to 1234567890, and eight of them […]

Leave a Comment

“Have I Been Pwned” breach site partners with… the FBI!

If your password gets stolen as part of a data breach, you’ll probably be told. But what if your password gets pwned some other way? n case you’ve never heard of it, Have I Been Pwned, or HIBP as it is widely known, is an online service run out of Queensland in Australia by a data breach researcher […]

Leave a Comment

Your Passwords Are Useless!

FIDO: The YubiKey 5 NFC is FIDO certified and works with Google Chrome and any FIDO-compliant application on Windows, Mac OS or Linux. Secure your login and protect your Gmail, Facebook, Dropbox, Outlook, LastPass, Dashlane, 1Password, accounts and more.

Leave a Comment

15% of Brits use their pet’s name as a password

It’s world password day! Cast your mind back to last month when it was revealed 15% of people use their pets name as their password… Make sure yours is as strong as can be!

Leave a Comment

The benefits and challenges of passwordless authentication

Passwordless authentication swaps traditional passwords for a system that identifies users by more secure methods such as “possession factor” or “inherent factor.” By switching to a passwordless approach, companies provide their employees with the same effortless and secure authentication methods that users experience on their smartphones (e.g., FaceID or fingerprint scanner). Sometimes this is confused […]

Leave a Comment

Password reuse defeats the purpose of passwords

There are four forms of password reuse and they all are bad The first and easiest to prevent is the use of the same password on the same account. For example, if my username is michael.schenck, my password is Football123, and the system prompts me to change my password but lets me use Football123 again […]

Leave a Comment

Developing a Strong Security Posture in the Era of Remote Work

Leave a Comment

Intern caused ‘solarwinds123’ password leak

Initial investigation suggested that the password “solarwinds123” was publicly accessible via a misconfigured GitHub repository since June 17, 2018. The issue was addressed on November 22, 2019. New details emerged about the security breach, in a hearing before the House Committees on Oversight and Reform and Homeland Security, CEO Sudhakar Ramakrishna confirmed that the password had been […]

Leave a Comment

What’s your password?!

Leave a Comment

Hacker blunder leaves stolen passwords exposed via Google search

Source: Hacker blunder leaves stolen passwords exposed via Google search Hackers hitting thousands of organizations worldwide in a massive phishing campaign forgot to protect their loot and let Google the stolen passwords for public searches. The phishing campaign has been running for more than half a year and uses dozens of domains that host the phishing […]

Leave a Comment

More Ways To Make Passwords

Leave a Comment

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

The list was shared by the operator of a DDoS booter service. the list was compiled by scanning the entire internet for devices that were exposing their Telnet? port (23). Telnet sends password as plain text. we are still using clear text protocols in 2020? The hacker then may try using factory default usernames and […]

Leave a Comment

Apple releases new open source ‘Password Manager Resources’ project for developers – 9to5Mac

Apple has announced today that it is launching an open source project designed for developers of password managers. The goal is to make it easier for developers to “create strong passwords that are compatible with popular websites. Apple’s iCloud Keychain platform is already able to generate strong passwords at the time of account creation or […]

Leave a Comment

What’s your Password?!

Very funny 😂 security password reminder, not funny that this is real! Most Hilarious 😹 WiFi Names Obama 😎 finds ways to make cybersecurity funny 😎 Subscribe to DISC InfoSec blog by Email

Leave a Comment

Password Security

Password Security Infographic by NCSC Enter your email address: Delivered by FeedBurner

Leave a Comment