Troy Hunt

JULY 9, 2018

One of the most alarming trends I've seen in the world of data breaches since starting Have I Been Pwned (HIBP) back in 2013 is the rapid rise of credential stuffing attacks. Go and get a password manager (I use 1Password ), generate random strings for passwords, job done. (Of

Passwords 219

Passwords Password Management Data breaches Accountability 219

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. The more iterations, the longer it takes an offline attacker to crack your master password.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

Krebs on Security

JULY 10, 2022

In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Turner said he created the account at Experian in 2020 to place a security freeze on his credit file, and that he used a password manager to select and store a strong, unique password for his Experian account.

Accountability 338

Accountability Passwords Authentication Password Management 338

Malwarebytes

MAY 5, 2022

Elsewhere, leaks in which passwords may feature prominently can run the full range of “secure password” to “plaintext data and viewable by anyone” When passwords are exposed, it potentially provides inroads into multiple accounts owned by the victim. Shoring up your passwords.

Passwords 96

Passwords Password Management Authentication Accountability 96

Troy Hunt

JULY 18, 2022

There were 2 very simple reasons I built that and I've given this same answer in probably a hundred interviews since 2013: I wanted to build something on Azure in anger. I was trying to drive Pfizer (where I worked at the time) down the cloud path and in particular, towards PaaS. What about Why No HTTPS ? Or HTTPS is Easy ?

Data breaches 295

Data breaches Passwords Password Management Software 295

SecureWorld News

AUGUST 15, 2024

The scale of this breach, if confirmed, would rival or exceed other notorious data breaches in history, such as the 2013 Yahoo breach that affected an estimated 3 billion accounts. Use complex, unique passwords for all accounts and consider using a password manager.

Data breaches 107

Data breaches Identity Theft Password Management Data collection 107

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. Weak passwords are the easiest way hackers can hack into a system. Organizations must have a robust password policy. Here are three of the worst data breaches that could have been avoided: Yahoo.

Data breaches 106

Data breaches Passwords Social Engineering Encryption 106

CyberSecurity Insiders

MAY 6, 2022

World Password Day is celebrated in May every year and is being done since 2013 as a group of Cybersecurity Professionals declared the first Thursday of May every year as the day to celebrate as the security day of our online lives. Like how we celebrate International’s Mother’s day every year on the second Sunday of May every year.

Passwords 118

Passwords Authentication Accountability Password Management 118

eSecurity Planet

SEPTEMBER 25, 2022

In 2013, for example, the FIDO Alliance was created to solve the world’s password problem by replacing login technology. While big tech phases in new authentication solutions, Dashlane — a password manager used by more than 20,000 companies and more than 15 million users — made a full switch. The Natural Log-in Evolution.

Passwords 126

Passwords Password Management Authentication Technology 126

Malwarebytes

MAY 15, 2022

In 2013, we had pretend hitmen threatening murder unless victims paid $25,000 to survive their non-existent wrath. 2 factor authentication and password managers are good places to start. Some take it a step further, leaning in with a more direct approach, ranging from death threats to sextortion, and even kidnap claims.

Scams 132

Scams Social Engineering Password Management Engineering 132

Troy Hunt

MAY 24, 2018

Casey is the founder of Bugcrowd and they help companies ranging from MasterCard to NETGEAR to Western Union run managed bug bounty programs. Casey and I have been mates for about 5 years now, in fact I went back and checked my email and it was Jan 2013 when we first caught up over beers in Sydney and he shared his vision for Bugcrowd.

Password Management 122

Password Management Internet Internet Passwords 122

Anton on Security

JUNE 10, 2022

A password manager claimed “zero trust for passwords” while a SIEM/UEBA vendor promised to reveal all zero trust secrets (I bet they use VPN internally…). A firewall management vendor claimed to “simplify zero trust.” RSA 2013 and Endpoint Agent Re-Emergence RSA 2006–2015 In Anton’s Blog Posts!

VPN 189

VPN Marketing Firewall Passwords 189

Security Affairs

AUGUST 27, 2020

Example of leaked email addresses: Besides the CSV files, the bucket also contained voice recordings of several sales pitches to digital marketers about RepWatch, which appears to be a long-defunct domain reputation management tool and may or – considering when the files were uploaded – may not be related to the CSV files stored in the bucket.

Social Engineering 145

Social Engineering Passwords Marketing Phishing 145

Malwarebytes

MAY 19, 2021

What these names have in common is that they have all experienced at least one breach in 2013—the year when threat actors started targeting organizations across industries to either steal data for profit or leak them to “teach companies a lesson about cybersecurity.” The US Department of Energy (DoE). The New York Times.

Passwords 128

Passwords Data breaches Government Accountability 128

Security Affairs

JULY 31, 2020

The motion picture acquisition agreements, tax ID requests, and contract addendum scans all date between 2013 and 2016. The vast majority of the files stored in the unsecured bucket are film thumbnail pictures and various promotional materials. What to do if you’ve been affected?

Identity Theft 87

Identity Theft Accountability Advertising Marketing 87

SecureList

JUNE 16, 2021

From 2015 to February 2018, the malware was compiled with Visual Studio 2013 and 2015, whereas in February 2018, the developers moved to Visual Studio 2017 and embedded the malware’s logic within Microsoft Foundation Class (MFC) classes. argument: path to file to upload. – List files and repositories.

Surveillance 145

Surveillance Malware Password Management Passwords 145

Security Boulevard

JUNE 10, 2022

A password manager claimed “zero trust for passwords” while a SIEM/UEBA vendor promised to reveal all zero trust secrets (I bet they use VPN internally…). A firewall management vendor claimed to “simplify zero trust.” RSA 2013 and Endpoint Agent Re-Emergence. Related posts: RSA 2020 Reflection.

VPN 116

VPN Marketing Firewall Passwords 116

The Last Watchdog

MAY 11, 2020

organizations between January 2013 and July 2019. Two meaningful steps every person can take, right now, is to begin routinely using a password manager and encrypted browsers. And yet, it remains true today that most folks do not take that responsibility seriously enough. Ransomware hacking groups extorted at least $144.35

Computers and Electronics 113

Computers and Electronics Data privacy Encryption Media 113

Troy Hunt

JANUARY 10, 2018

I ended up moving this section after the miscellaneous one simply because of this: We've seen a 2016 copyright, a 2010 copyright and now a 2013 copyright published on a 2014 page! This is poor form as it can break tools that encourage good security practices such as password managers. Blocking Paste.

Hacking 279

Hacking Government Encryption Risk 279

eSecurity Planet

MARCH 25, 2022

N-able – formerly SolarWinds MSP between 2013 and 2021 – has over two decades of experience in integrated monitoring and management tools for enterprise organizations. Partnering with SentinelOne , N-able launched its endpoint detection and response (EDR) and password management solutions in 2019.

VPN 122

VPN Software Authentication Encryption 122

Spinone

JANUARY 21, 2015

Since we are left only a month and a half till the Valentine’s Day it’s rather obvious to claim that password “iloveyou” is one of the nine passwords from 2013-2014. According to the recent reports, the passwords evaluated for the 2014 list were mostly held by users of North America and Western Europe.

Passwords 40

Passwords Password Management Backups Hacking 40

SiteLock

AUGUST 27, 2021

The next notification I received was for an earlier intrusion, the 2013 compromise of 2.4 Use strong, non-dictionary passwords for sites and services, use a password manager to store them, and never reuse passwords across sites. million student records from the local community college system I attend.

Data breaches 52

Data breaches Passwords Identity Theft Firewall 52

Pen Test Partners

SEPTEMBER 9, 2024

Privacy and Passwords: Two-step verification is done by default, but multi-factor authentication (MFA) is recommended. Ring started in 2013, offering video doorbells that let you see and talk to visitors from your phone. For better security, use a password manager to generate and store longer, random passwords.

Firmware 64

Firmware Encryption Passwords Authentication 64

ForAllSecure

MARCH 1, 2022

Vamosi: One sunny morning in 2013. In 2013, we only knew that someone calling themselves Dread Pirate Roberts was running the site. Don't use familiar passwords seriously. If you want nothing to connect back to you choose an entirely new set of passwords. Actually, the real hero of this story wasn't within the FBI.

Hacking 52

Hacking Mobile Cryptocurrency VPN 52

eSecurity Planet

DECEMBER 3, 2021

Tabriz has led Google Chrome’s security since 2013, which extends to managing Product, Engineering, and UX today. Behold the tale of kid who reuses their passwords & ends up pwn'd, then learns how to stay safe. We're on a mission to encourage unique passwords stored in a password manager with MFA on.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Adam Shostack

DECEMBER 15, 2016

Yesterday, Yahoo disclosed that attackers broke into Yahoo in 2013 and stole details on a billion accounts. The first mistake is to not recommend a password manager. Using a password manager is essential to using a different password on each website. So: use a password manager. You move on.

Password Management 100

Password Management Passwords Encryption Accountability 100