Accountability, Cyber Risk and Password Management

Security Vulnerabilities in US Weapons Systems

Schneier on Security

OCTOBER 10, 2018

The US Government Accounting Office just published a new report: " Weapons Systems Cyber Security: DOD Just Beginning to Grapple with Scale of Vulnerabilities " (summary here ). However, they make weapon systems more vulnerable to cyber attacks. The upshot won't be a surprise to any of my regular readers: they're vulnerable.

Password Management

Password Management Cyber Risk Passwords Cyber Attacks

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Jane Frankland

APRIL 15, 2025

The hard truth is that technology alone cant fix the root causes of cyber risk. Whether its a mis-click on a phishing email, poor password management, acting on a deepfake, or a misconfiguration, human error accounts for most breaches. These are challenges that require more than just a flashy new tool to overcome.

Risk

Risk Technology Cybersecurity Security Awareness

Half of US Consumer’s Personal Data was stolen in 2021

CyberSecurity Insiders

SEPTEMBER 30, 2022

Concernedly, all such siphoned info is being used for launching phishing attacks or to siphon money from bank accounts. And sometimes, 23% of them experienced cyber-bullying and around 20% of them became a victim of a romance scam.

Identity Theft

Identity Theft Scams Passwords Password Management

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

How to Use Dashlane in 2024: Complete Starter Guide

eSecurity Planet

SEPTEMBER 3, 2024

Dashlane is a leading password manager designed to simplify and secure your digital life. It consolidates your passwords into a single, encrypted vault. Dashlane is a popular and highly regarded password manager that provides robust security and convenient features to keep your credentials safe.

Password Management

Password Management Passwords Encryption VPN

Paving the Way to Passwordless

Duo's Security Blog

MAY 5, 2022

Do you remember all the passwords to your various accounts and profiles? How many times have you forgotten your login details, attempted to reset your password, and faced the painful reminder, ‘your new password cannot be the same as previous’?

Passwords

Passwords Password Management Authentication Accountability

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

The Last Watchdog

MARCH 10, 2020

Here are some of the key takeaways: PAM 101 PAM is crucial to all companies because it reduces opportunities for malicious users to penetrate networks and obtain privileged account access, while providing greater visibility of the environment. Current PAM solutions cater almost exclusively for large organizations. I hope there’s more to come.

Authentication

Authentication Risk Digital transformation Passwords

ShinyHunters Hits Ticketmaster with Breach Impacting 560 Million Users

SecureWorld News

MAY 30, 2024

Customers can protect themselves by changing passwords and monitoring their accounts, although this may be fruitless if the attackers still have access or if there is no breach in the first place." If confirmed, Ticketmaster must be transparent about the accessed data.

Data breaches

Data breaches Data privacy Marketing Accountability

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. This allowed hackers to breach many user accounts. Organizations must have a robust password policy.

Data breaches

Data breaches Passwords Social Engineering Encryption

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

SecureWorld News

APRIL 29, 2024

If there is a silver lining, it is likely the data exposed to advertisers such as Microsoft and Google does not include usernames, passwords, Social Security numbers (SSNs), financial account information, or credit card numbers. Protecting your information online starts with good cyber hygiene.

Data breaches

Data breaches Healthcare Identity Theft Advertising

New York SHIELD Act: Everything You Need to Know for Compliance

Centraleyes

MARCH 3, 2025

Expanded Definitions The SHIELD Act modernizes key definitions to reflect the realities of todays digital environment: Private Information: Beyond traditional identifiers like Social Security and account numbers, the SHIELD Act includes: Biometric data (e.g., Email addresses or usernames combined with passwords or security questions.

Data breaches

Data breaches Risk Financial Services Data privacy

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering

Social Engineering Engineering Accountability Backups

Five worthy reads: Password hygiene – The first step towards improved security

Security Boulevard

JULY 9, 2021

This week let’s go back to security basics with password hygiene—the simplest, and yet often overlooked step in account security. Passwords …. The post Five worthy reads: Password hygiene – The first step towards improved security appeared first on ManageEngine Blog.

Passwords

Passwords Account Security Accountability Password Management

Cookie Theft: What Is It & How to Prevent It

eSecurity Planet

AUGUST 22, 2024

These cookies save session data, including login credentials, which allows attackers to obtain unauthorized access to accounts. Although cookies are intended for secure session management, they require protection methods to avoid the risk of misuse and illegal access to personal information or online accounts.

Identity Theft

Identity Theft Passwords Accountability Authentication

Cyber security guidance for small fleet operators

Pen Test Partners

JANUARY 23, 2025

This awareness training aims to improve the security of IT systems to that OT systems are not exposed to risk. Currently, the OT systems in the fleet that present cyber risk are: Chart Plotters and AIS receivers CCTV Cellular Wi-Fi Persons Responsible for cyber security The Marine Director is the cyber security officer (CySO) for the fleet.

Passwords

Passwords Phishing Cyber Attacks Media

34 Most Common Types of Network Security Protections

eSecurity Planet

MARCH 17, 2023

TPRM software frequently includes built-in compliance support for internal policy and external mandate management, continuous threat monitoring across all users, processes and templates, and risk monitoring and exposure reports.

Network Security

Network Security Penetration Testing Firewall Software

Security Roundup February 2024

BH Consulting

FEBRUARY 15, 2024

Creeping cyber risk grabbing global headlines The World Economic Forum’s latest Global Cybersecurity Outlook 2024 gives senior leaders a high-level overview of cybersecurity trends. Cyber attacks featured in the top five risks for the year ahead, along with factors like extreme weather and the cost of living crisis.

Passwords

Passwords Surveillance Risk Data breaches

Complete Guide to Cybersecurity for Small Businesses

eSecurity Planet

OCTOBER 15, 2024

Managed security services or cost-effective cybersecurity tools can provide essential protection within budget limitations. Lack of Awareness Many small business owners remain unaware of the specific cyber risks targeting their businesses.

Small Business

Small Business Cybersecurity Backups Firewall

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering

Social Engineering Engineering Accountability Backups

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

Ongoing training initiatives can cover security factors beyond basic awareness, enabling personnel to spot and mitigate possible cyber risks efficiently. Encourage strong password practices: Provide tips on how to create complex passwords and use password management tools.

Risk

Risk Threat Detection Data breaches Encryption

Top 5 Strategies for Vulnerability Mitigation

Centraleyes

DECEMBER 6, 2023

A thorough cybersecurity risk assessment is an essential and comprehensive way to identify vulnerabilities in your organization that a scan alone cannot catch. A cyber risk assessment will identify and prioritize your assets, show how well your controls are working, identify gaps and offer insights into cybersecurity risk mitigation.

Risk

Risk Cyber Risk Software Information Security

Author Q&A: Former privacy officer urges leaders to prioritize security as part of cloud migration

The Last Watchdog

MAY 30, 2023

Cyber risks from third-party vendors further complicate the situation. To navigate this, SMBs need to conduct an enterprise risk assessment, implement basic cybersecurity controls, train their workforce, and consider outsourcing cybersecurity to a security-as-a-service provider.

Cloud Migration

Cloud Migration Passwords Cybersecurity Cyber threats

No more snack attacks? Mondelez hopes new security training program can help prevent the next ‘NotPetya’

SC Magazine

APRIL 14, 2021

How do you handle critical information password management, dealing with password multiple passwords? There are also manufacturing plant employees, who have very different jobs and associated cyber risks. And we said, what are the key behaviors we want to measure? And it’s not just office workers, is it?

Manufacturing

Manufacturing Security Awareness Phishing Passwords

No more snack attacks? Mondelez hopes new security training will prevent the next ‘NotPetya’

SC Magazine

APRIL 14, 2021

How do you handle critical information password management, dealing with password multiple passwords? There are also manufacturing plant employees, who have very different jobs and associated cyber risks. And we said, what are the key behaviors we want to measure? And it’s not just office workers, is it?

Manufacturing

Manufacturing Security Awareness Phishing Passwords

The story of the year: remote work

SecureList

DECEMBER 10, 2020

Some employees are not strictly using their business accounts for work-related purposes. For example, 42% of workers say they are using personal email accounts for work and nearly half (49%) have admitted to increasing how often they do this. The cybercriminals were after login credentials for accounts on the official WHO site.

Scams

Scams Passwords Phishing Internet

Cyber Security Informer

Security Vulnerabilities in US Weapons Systems

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Webinars

Trending Sources

Half of US Consumer’s Personal Data was stolen in 2021

Webinars

How to Use Dashlane in 2024: Complete Starter Guide

Paving the Way to Passwordless

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

ShinyHunters Hits Ticketmaster with Breach Impacting 560 Million Users

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

New York SHIELD Act: Everything You Need to Know for Compliance

Scattered Spider x RansomHub: A New Partnership

Five worthy reads: Password hygiene – The first step towards improved security

Cookie Theft: What Is It & How to Prevent It

Cyber security guidance for small fleet operators

34 Most Common Types of Network Security Protections

Security Roundup February 2024

Complete Guide to Cybersecurity for Small Businesses

Scattered Spider x RansomHub: A New Partnership

What Is a SaaS Security Checklist? Tips & Free Template

Top 5 Strategies for Vulnerability Mitigation

Author Q&A: Former privacy officer urges leaders to prioritize security as part of cloud migration

No more snack attacks? Mondelez hopes new security training program can help prevent the next ‘NotPetya’

No more snack attacks? Mondelez hopes new security training will prevent the next ‘NotPetya’

The story of the year: remote work

Stay Connected