Six password takeaways from the updated NIST cybersecurity framework

December 4, 2024 at 10:34AM NIST’s updated password guidelines emphasize length over complexity for stronger security. Key recommendations include supporting long passphrases, implementing multi-factor authentication (MFA), avoiding mandatory password changes unless necessary, blocking known compromised passwords, and eliminating outdated recovery methods. These measures help organizations enhance password policies and reduce vulnerabilities. ### Key Takeaways from … Read more

Is your password policy working? Key cybersecurity KPIs to measure

July 30, 2024 at 10:22AM Organizations need to assess the effectiveness of their cybersecurity investments, including password policies. Aligning password policies with wider cybersecurity KPIs allows IT teams to measure the success or failure of their password security policies and identify areas needing improvement. Specops Password Auditor is a free tool for evaluating Active Directory’s … Read more

Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories

November 24, 2023 at 02:30AM Cybersecurity researchers have discovered publicly exposed Kubernetes configuration secrets that could potentially lead to supply chain attacks. The secrets, containing credentials for accessing container image registries, were uploaded to public repositories. Among those affected are top blockchain companies and fortune-500 companies. The researchers found that a significant portion of the … Read more