Criminals have managed to hijack 1.1 million accounts at 17 companies by means of reused passwords, says New York Attorney General Letitia James. According to James, the accounts could be taken over through credential stuffing attacks. Credential stuffing uses previously leaked email addresses and passwords to gain automated access to accounts. Attackers check whether they […]
Biometric authentication techniques have gained momentum over the past few years due to the inherent vulnerability of PINs, passwords, and other similar verification methods. With that said, researchers have shared how a simple fingerprint hacking technique can render biometric authentication useless as a verification method for around 5$. Steps:1. Grab a photograph of someone’s fingerprint […]
Microsoft announced last week that users can now log in to their accounts without a password, partly because passwords are vulnerable, but it is precisely Microsoft that has broken passwords, says Kyle Rankin, chief security officer (cso) of computer and smartphone manufacturer Purism. Rankin argues that Microsoft’s poor password policies for Active Directory caused users […]
The Zero Trust approach means nothing inside or outside the company perimeter should be trusted. As a result, every user has to authenticate themselves and their identity with every login every time before they are granted access to company resources, applications and data. Components are: Multifactor authentication,IAM (identity and access management), Orchestration, AnalyticsEncryption, Scoring, File […]
Microsoft is dropping passwords to gain access to an account by leveraging a combination of factors such as your phone (something you have) and biometrics (something you are) for identification.
Organizations find it difficult to prepare for a ransomware attack. Reason for Microsft to share three steps that help prevent ransomware.1. Set up a recovery plan where no ransom is paid. Organizations must, among other things, map and backup their important data and systems, protect the backups and perform recovery tests with all systems offline. […]
Using only a password to access or manage systems remotely is unwise and should be seen as a “bad practice,” according to the Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security. In June, the CISA decided to collect bad practices that are extremely risky and actually increase cyber risks for […]
Multiple reports over the weekend confirmed that an attacker published details — including names, user IDs, phone numbers, and emails — of more than 533 million Facebook users on a forum.
Creating, remembering and using passwords is tedious, frustrating, time-consuming and not 100% secure, because even the strongest password can be stolen and misused. That is why the Center for Cybersecurity Belgium (CCB) is campaigning from October 2020 to promote better security of accounts. Watch this video here: https://www.youtube.com/watch?v=phLcILslhbQ&feature=emb_logo
To protect accounts related to the US presidential election, Twitter will require a strong password for these accounts. These users are also recommended to set up two-factor authentication. The microblogging service has announced this on its own website. In this way, Twitter wants to protect so-called “high-profile accounts” during the upcoming presidential elections. These include […]