Exercises, Mining and Passwords - Information Management Today

Security Affairs newsletter Round 175 – News of the week

Security Affairs

AUGUST 12, 2018

. · Salesforce warns of API error that exposed Marketing data. · Tech Support Scams improved with adoption of Call Optimization Service. · Dept. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security MDM Mining Marketing

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

Rather than dropping ransomware on victims’ machines and hoping they would pay to regain access to their files, cyber criminals were increasingly cutting out the middle man and infecting victims’ machines with software that used their spare processing power to mine for cryptocurrency. Users were encouraged to change their passwords.

Data breaches

Data breaches Personal data Access GDPR

Fixing Data Breaches Part 2: Data Ownership & Minimisation

Troy Hunt

DECEMBER 19, 2017

Back in September, a number of people pointed me at Experian's "FREE Dark Web Email Scan" (capitalisation is theirs, not mine) because on the surface of it, it seemed similar to my Have I Been Pwned (HIBP) service. Report URI needs a password as well because you need to be able to login. That is absolutely ridiculous!

Data breaches

Data breaches Personal data GDPR Data collection

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

The Trouble with Politicians Sharing Passwords

Troy Hunt

DECEMBER 4, 2017

In this case, that secret is her password and, well, just read it: My staff log onto my computer on my desk with my login everyday. To be fair to Nadine, she's certainly not the only one handing her password out to other people. In fact I often forget my password and have to ask my staff what it is. No one else has access.

Passwords

Passwords Access Risk Security

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

KnowBe4

JULY 5, 2023

Use PasswordIQ to find which users are sharing passwords and which ones have weak passwords See the fully automated user provisioning and onboarding Find out how 60,000+ organizations have mobilized their end-users as their human firewall. Executive Reports - Create, tailor and deliver advanced executive-level reports NEW!

Phishing

Phishing Security awareness Passwords Computer and Electronics

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

JANUARY 16, 2019

Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. In total, there are 1,160,253,228 unique combinations of email addresses and passwords. This is when treating the password as case sensitive but the email address as not case sensitive. There are 21,222,975 unique passwords. It'll be 99.x%

Data breaches

Data breaches Passwords Risk Personal data

Have I Been Pwned Domain Searches: The Big 5 Announcements!

Troy Hunt

JUNE 15, 2023

Here's mine: One of the problems the dashboard approach helps tackle is unsubscribing on an individual domain basis. It was an all or nothing affair that nuked the lot of them whereas now, it's a domain-by-domain exercise.

IT

IT Cloud Mining Metadata

DB2 10 for z/OS and Enterprise Identity Mapping

Robert's Db2

JUNE 6, 2013

In connecting to DB2, the application utilizes a particular ID and password. Ask each user to keep track of, and to use as appropriate, a RACF ID (and password) in addition to his or her network ID? That trusted context would define the circumstances in which the privileges granted to a role could be exercised by a user.

Authentication

Authentication Passwords Mining Access

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

You had to figure out how to configure Kermit, get passwords to get on. Mine was 2000. All those exercises, the honeypot or honeynet challenges I think that's what they were called in. Hacker was more about the pursuit of knowledge. And that pursuit of knowledge because it was harder to find things that weren't search engines.

IT

IT Sales Security Honeypots

Project Svalbard: The Future of Have I Been Pwned

Troy Hunt

JUNE 10, 2019

Increasingly, I was writing about what I thought was a pretty fascinating segment of the infosec industry; password reuse across Gawker and Twitter resulting in a breach of the former sending Acai berry spam via the latter. And while I'm on Sony, the prevalence with which their users applied the same password to their Yahoo!

Data breaches

Data breaches Passwords IT Mining

Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents

Troy Hunt

FEBRUARY 10, 2020

And importantly, teaching them how to use secure passwords with @1Password ?? I sit with the kids when they do coding exercises (such as the earlier video with my daughter) and check out the homework my son does on his PC. He won't be emotionally scarred, nor will he grow up feeling like his privacy has been violated.

Privacy

Privacy Access IT Education

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Troy Hunt

APRIL 15, 2019

Then there was CloudPets leaking kids voices because the "smart" teddy bears that recorded them (yep, that's right) then stored those recordings in a publicly facing database with no password. Wearco produces "mining consumables". Wearco produces "mining consumables". mSpy leaked data.

Passwords

Passwords Privacy Manufacturing Access

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Troy Hunt

MARCH 2, 2020

How HIBP runs across the various Azure services, the Cloudflare dependencies, how I recover if things go wrong and then how that's managed across different autonomous parts of the project such as the HIBP website, the Pwned Passwords service etc etc. Collectively, we agreed to put pens down.

IT

IT Mining Sales Data breaches

Gab Has Been Breached

Troy Hunt

MARCH 3, 2021

"It is standard practice for passwords to be hashed. If the alleged breach has taken place as described, your passwords have not been revealed." If your password is "maga2020!" " This is misleading and ignores the simplicity of hash cracking. " (or similar), it has been revealed. Coincidence?

Passwords

Passwords Data breaches Mining Risk

Information Management Today

Security Affairs newsletter Round 175 – News of the week

Weekly podcast: 2018 end-of-year roundup

Webinars

Trending Sources

Fixing Data Breaches Part 2: Data Ownership & Minimisation

Webinars

The Trouble with Politicians Sharing Passwords

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

The 773 Million Record "Collection #1" Data Breach

Have I Been Pwned Domain Searches: The Big 5 Announcements!

DB2 10 for z/OS and Enterprise Identity Mapping

The Hacker Mind Podcast: Hacking Real World Criminals Online

Project Svalbard: The Future of Have I Been Pwned

Sharenting, BYOD and Kids Online: 10 Digital Tips for Modern Day Parents

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Gab Has Been Breached

Stay Connected