June 6, 2024 at 06:18AM Tom, an employee at a financial institution, unknowingly used his strong password for multiple accounts, leading hackers to compromise his credentials and potentially launch an account takeover attack. These attacks are hard to detect because they involve legitimate user credentials. Implementing strong password security and multi-factor authentication is crucial to … Read more
February 26, 2024 at 11:01AM Organizations invest in cybersecurity training programs to improve security and mitigate risks posed by end-users. However, training has limitations in changing behavior around passwords, as end-users prioritize convenience and efficiency over security. Despite being educated on best practices, many still reuse passwords, undermining organizational security efforts. Six ways to augment … Read more
February 12, 2024 at 06:27AM The article emphasizes the importance of multi-factor authentication (MFA) in enhancing password security. It highlights four social engineering tactics hackers use to bypass MFA, including AITM attacks, MFA prompt bombing, service desk attacks, and SIM swapping. It stresses the significance of robust password security alongside MFA and suggests using tools … Read more
February 7, 2024 at 10:27AM As remote work becomes more prevalent, organizations need to move away from traditional trust models and embrace a zero trust approach for secure access. This involves rigorous authentication for every user, device, and network component. Implementing the principle of least privilege and using multifactor authentication are recommended strategies to bolster … Read more
January 24, 2024 at 10:19AM Hackers attempted 1,287 password attacks per second in 2022, highlighting the importance of strong password security. Many users still use easy-to-guess passwords, creating security vulnerabilities. Organizations can promote longer, unique passwords and correlate password expiration with password length to enhance security. Tools like Specops Password Policy can help enforce these … Read more
December 14, 2023 at 11:25AM Active Directory (AD) is a prime target for threat actors due to its role in identity management. Vulnerabilities like Kerberoasting, password spraying, default credentials, and privilege escalation pose significant risks. Specops Password Policy and Specops Password Auditor offer solutions to safeguard against these threats, through strong password enforcement and breach … Read more
November 2, 2023 at 10:11AM Password reuse is a dangerous vulnerability that IT teams struggle to detect. According to a TechRepublic survey, 53% of people admit to reusing passwords, making it easier for hackers to gain access. Verizon estimates that 86% of attacks start with compromised credentials. Organizations need to take steps to mitigate this … Read more