Authentication, Password Management and Surveillance

The Risk of Weak Online Banking Passwords

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking

Banking Passwords Risk Accountability

Man accused of using keylogger to spy on colleagues, log in to their personal accounts and watch them at home

Malwarebytes

APRIL 9, 2025

The lawsuit claims that this gave Bathula login credentials for the victims’ personal accounts and systems, including bank accounts, emails, home surveillance systems, Dropbox accounts, Google Drives, dating applications, Google Nests, and iCloud accounts. Use a password manager. Use multi-factor authentication.

Accountability

Accountability Spyware Passwords Password Management

The Challenges Facing the Passwordless Future

eSecurity Planet

SEPTEMBER 25, 2022

Microsoft is already providing passwordless features to Azure Active Directory, and for Google, multi-factor authentication (MFA) has become mandatory. While big tech phases in new authentication solutions, Dashlane — a password manager used by more than 20,000 companies and more than 15 million users — made a full switch.

Passwords

Passwords Password Management Authentication Technology

Security company ADT announces security breach of customer data

Malwarebytes

AUGUST 9, 2024

Electronic surveillance equipment provider ADT filed a form 8-K with the Security and Exchange Commision (SEC) to report “a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information.” Choose a strong password that you don’t use for anything else.

Data breaches

Data breaches Passwords Phishing Password Management

Keeper vs Dashlane: Which Should You Use in 2024?

eSecurity Planet

JUNE 21, 2024

Keeper and Dashlane are top password managers prioritizing multi-layered encryption systems for secure password sharing. Both password managers are suitable for small to large businesses. 5 Keeper, a low-cost password manager, highlights security with strong end-to-end encryption and authentication.

Password Management

Password Management Passwords Encryption VPN

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

Hacking collectives are very proficient at “exploiting weak authentication schemes to gain persistence inside of a targeted network,” Sherman says. To malicious hackers , it’s like getting dropped off at a candy store that’s giving away free treats. Once they gain a foothold, they can move laterally and gain access to other enterprise assets.”

IoT

IoT Healthcare Internet Internet

Tips to protect your data, security, and privacy from a hands-on expert

Malwarebytes

MARCH 4, 2022

Use a strong, unique password for each login you use. Use a password manager to create and remember passwords if you can. If you aren’t using a password manager, use long passphrases that cannot be found in a dictionary. Backup to an external device and disconnect it when the backup is complete.

Backups

Backups Password Management Identity Theft Passwords

Stalkerware activity drops as glaring spying problem is revealed

Malwarebytes

OCTOBER 11, 2023

It’s spying when governments do it through opaque, mass surveillance regimes, it’s spying when companies do it through shadowy data broker networks that braid together disparate streams of information, and it’s spying when private individuals do it through unseen behavior on personal devices.

Surveillance

Surveillance Passwords Software Technology

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

Threat actors exploited a critical vulnerability, tracked as CVE-2021-40539 , in the Zoho ManageEngine ADSelfService Plus software, which is self-service password management and single sign-on solution. KdcSponge allows capturing the domain name, username, and password.

Healthcare

Healthcare Password Management Financial Services Surveillance

What is Shoulder Surfing?

Identity IQ

JANUARY 20, 2023

Therefore, use different passwords for different accounts and yourself the trouble. Utilize a Secure Password Manager. Consider using a password manager. Password managers help you generate complex, long, and complicated passwords to better protect your accounts from being compromised.

Identity Theft

Identity Theft Passwords Banking Accountability

Exploring Human Errors in Cybersecurity

Approachable Cyber Threats

MAY 30, 2023

Therefore, you must remember to set up more sophisticated passwords with unique combinations of letters (upper-case & lower-case), numbers and symbols, or even long passphrases instead of simple passwords. This will reduce the risk of exposing sensitive information due to weak passwords.

Cybersecurity

Cybersecurity Passwords Data breaches Risk

Top Methods Use By Hackers to Bypass Two-Factor Authentication

Hacker's King

MAY 20, 2023

Two-factor authentication (2FA) has become an essential security measure in the digital age. By combining something you know(like a password) with something you have(such as a verification code), 2FA adds an extra layer of protection to your online accounts. However, like any security system, 2FA is not foolproof.

Authentication

Authentication Social Engineering Spyware Engineering

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

With each attack, the hackers would turn on their password-slurping tools for roughly one hour, and then switch them off before returning the network to its original state after each run. “Large organizations down to mom-and-pop entities are not paying attention to some very basic security practices, like multi-factor authentication.

DNS

DNS Internet Internet Government

Understanding and Recognizing Tech Abuse

SecureWorld News

AUGUST 16, 2023

A common example of this is surveillance. We normalize the use of surveilling and tracking young people through "parentware" or spyware (software which allows someone to see what someone else is doing on their device) and apps which enable the tracking of someone's location. Earlier, I discussed the normalization of surveillance.

Surveillance

Surveillance Technology Accountability Spyware

Password Encryption 101: Best Practices Guide for Orgs of All Sizes

SecureWorld News

APRIL 24, 2023

Deploying video surveillance can also help here. Malware Certain types of malicious software are designed to steal passwords or attempt to crack passwords. Consider periodically updating the salt for each password. Monitor and audit access to the password database to ensure only authorized individuals can access it.

Encryption

Encryption Passwords Software Password Management

Exploring Human Errors in Cybersecurity

Approachable Cyber Threats

MAY 30, 2023

Therefore, you must remember to set up more sophisticated passwords with unique combinations of letters (upper-case & lower-case), numbers and symbols, or even long passphrases instead of simple passwords. This will reduce the risk of exposing sensitive information due to weak passwords.

Cybersecurity

Cybersecurity Passwords Data breaches Risk

Security Roundup February 2024

BH Consulting

FEBRUARY 15, 2024

Passwords: can’t live with ’em, can’t access vital online services without ’em Passwords were in the news again lately, for all the wrong reasons. LastPass, the password management service, is enforcing a 12-character minimum for master passwords to access its service.

Passwords

Passwords Surveillance Risk Data breaches

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

This framework guarantees that appropriate authentication measures, encryption techniques, data retention policies, and backup procedures are in place. Questions to Answer Consider these questions to verify your organization’s data security and threat detection strategies: Are multi-factor authentication techniques required for user access?

Risk

Risk Threat Detection Data breaches Encryption

Using CAPTCHA for Compromise: Hackers Flip the Script

Digital Shadows

DECEMBER 16, 2024

Encourage them to be vigilant in verifying URL authenticity to thwart infection attempts. Alternatively, consider deploying an organization-wide password manager, offering users convenience while enhancing security. By providing clear examples, employees will be able to effectively spot these threats early.

Malware

Malware Passwords Education Identity Theft

CISSPs from Around the Globe: An Interview with James Wright

CyberSecurity Insiders

SEPTEMBER 8, 2021

I also discovered several security vulnerabilities in LastPass Password Manager. With the introduction of Apple's iOS 8, new system-level security abilities emerged, including the ability to use TouchID for several authentication scenarios. What do you think people considering a career in cybersecurity should know?

Computers and Electronics

Computers and Electronics Architecture Education Encryption

Radiology provider exposed tens of thousands of patient files

Malwarebytes

OCTOBER 3, 2024

And to make things worse the accounts had passwords three to five letters in length and were not protected by two-factor authentication (2FA). This level of authentication is below par by any standard, but it’s especially unacceptable when it concerns sensitive patient data. Better yet, let a password manager choose one for you.

Passwords

Passwords Artificial Intelligence Authentication Data breaches

What is a Virtual Private Network (VPN)? VPN Security Explained

eSecurity Planet

SEPTEMBER 12, 2024

Authentication: Users must prove to the VPN they are who they claim to be to have access to the network. Two-factor authentication relies on something the person has (a particular device, a fob or card, a virtual key, for example) and something a person knows (a password).

VPN

VPN Passwords Encryption Authentication

Cyber Security Informer

The Risk of Weak Online Banking Passwords

Man accused of using keylogger to spy on colleagues, log in to their personal accounts and watch them at home

Trending Sources

The Challenges Facing the Passwordless Future

Security company ADT announces security breach of customer data

Keeper vs Dashlane: Which Should You Use in 2024?

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

Tips to protect your data, security, and privacy from a hands-on expert

Stalkerware activity drops as glaring spying problem is revealed

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

What is Shoulder Surfing?

Exploring Human Errors in Cybersecurity

Top Methods Use By Hackers to Bypass Two-Factor Authentication

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Understanding and Recognizing Tech Abuse

Password Encryption 101: Best Practices Guide for Orgs of All Sizes

Exploring Human Errors in Cybersecurity

Security Roundup February 2024

What Is a SaaS Security Checklist? Tips & Free Template

Using CAPTCHA for Compromise: Hackers Flip the Script

CISSPs from Around the Globe: An Interview with James Wright

Radiology provider exposed tens of thousands of patient files

What is a Virtual Private Network (VPN)? VPN Security Explained

Stay Connected