Duo's Security Blog

MAY 5, 2022

Do you remember all the passwords to your various accounts and profiles? How many times have you forgotten your login details, attempted to reset your password, and faced the painful reminder, ‘your new password cannot be the same as previous’?

Passwords 98

Passwords Password Management Authentication Risk 98

Security Boulevard

MARCH 21, 2023

Digital fraud and cybersecurity risks are always with us, and they’re constantly changing as businesses open new channels and adopt new technologies that criminals work to exploit. Data breaches are an especially thorny problem, with millions of customer records breached every year, and even password managers becoming vulnerable targets.

Risk 97

Risk Cybersecurity Password Management Data breaches 97

Security Affairs

DECEMBER 1, 2022

While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. SolarWinds employees claim that the attack resulted from a weak password that an intern had used – “solarwinds123”. All of that could’ve been avoided had SolarWinds implemented a strong password policy.

Data breaches 106

Data breaches Passwords Social Engineering Encryption 106

eSecurity Planet

SEPTEMBER 24, 2022

This is done by using native security technology and analytics that allow for attack surface management, continuous red teaming, breach & attack simulation and advanced purple teaming. Customers see a nearly 50% reduction in cyber risk within the first three months of use. Bitwarden’s software is fairly straightforward.

Cybersecurity 140

Cybersecurity Marketing Password Management Risk 140

SecureWorld News

APRIL 29, 2024

If there is a silver lining, it is likely the data exposed to advertisers such as Microsoft and Google does not include usernames, passwords, Social Security numbers (SSNs), financial account information, or credit card numbers. Advertisers use this vast array of information to create customer personas for targeted advertising."

Data breaches 114

Data breaches Healthcare Identity Theft Advertising 114

SecureWorld News

MAY 30, 2024

Customers can protect themselves by changing passwords and monitoring their accounts, although this may be fruitless if the attackers still have access or if there is no breach in the first place." The reported Ticketmaster-Live Nation breach also underscores escalating third-party cyber risks for companies entrusted with customer data.

Data breaches 118

Data breaches Data privacy Marketing Accountability 118

The Security Ledger

OCTOBER 16, 2019

In this Spotlight edition of our podcast sponsored by LastPass* we’re joined by LogMeIn Chief Information Security Officer Gerald Beuchelt to talk about LastPass’s third annual Global Password Security Report, which finds password hygiene improving at large companies, but lagging at smaller firms. Read the whole entry. »

Passwords 40

Passwords Technology Password Management Information Security 40

Centraleyes

MARCH 3, 2025

Email addresses or usernames combined with passwords or security questions. Technical Safeguards These involve leveraging technology to prevent, detect, and address cyber risks: Regularly assess IT infrastructure for vulnerabilities. fingerprints, retina scans). Use tools to detect and prevent unauthorized access or attacks.

Data breaches 52

Data breaches Risk Financial Services Data privacy 52

eSecurity Planet

MARCH 17, 2023

Third-Party Risk Management Product Guide Best Third-Party Risk Management (TPRM) Tools Password Management Password management software is designed to securely store individual user, team, and organizational credentials in a centralized, encrypted password vault.

Network Security 120

Network Security Penetration Testing Firewall Software 120

Pen Test Partners

JANUARY 23, 2025

Most attacks start with weak passwords or phishing emails, making employees the first line of defence. Steps like using strong passwords, enabling MFA, spotting phishing, and reporting incidents quickly can significantly reduce risk. Their aim is to obtain passwords for systems or coerce you into downloading malware.

Passwords 64

Passwords Phishing Cyber Attacks Media 64

eSecurity Planet

AUGUST 22, 2024

Receive unexpected password reset notifications: Identify unrequested password reset messages as potential evidence of exploited access. Enhance account security using Two-Factor Authentication (2FA), enforce strong password restrictions, and regularly update software to protect against possible threats.

Identity Theft 85

Identity Theft Passwords Accountability Authentication 85

The Security Ledger

SEPTEMBER 14, 2022

at the password management firm LastPass, what the CSTO role entails and how companies need to do more to confront the security implications of “software eating the world.” You can listen to our podcast using the player below, or check it out on iTunes , Spotify , Stitcher , Radio Public and [name your favorite podcast platform].

CISO 52

CISO Password Management Technology Software 52

eSecurity Planet

OCTOBER 15, 2024

Managed security services or cost-effective cybersecurity tools can provide essential protection within budget limitations. Lack of Awareness Many small business owners remain unaware of the specific cyber risks targeting their businesses. This extra step can prevent unauthorized access, even if passwords are compromised.

Small Business 67

Small Business Cybersecurity Backups Firewall 67

Digital Shadows

OCTOBER 23, 2024

Figure 3: Scattered Spider attack timeline Social Engineering: Fool Me Once, Fool Me Twice To gain initial access to the target network, the threat actor called the organization’s IT help desk and persuaded staff to reset the CFO’s account password. This isn’t the first time we’ve seen Scattered Spider target password managers.

Social Engineering 122

Social Engineering Engineering Accountability Backups 122

BH Consulting

FEBRUARY 15, 2024

Creeping cyber risk grabbing global headlines The World Economic Forum’s latest Global Cybersecurity Outlook 2024 gives senior leaders a high-level overview of cybersecurity trends. Cyber attacks featured in the top five risks for the year ahead, along with factors like extreme weather and the cost of living crisis.

Passwords 52

Passwords Surveillance Risk Data breaches 52

SC Magazine

JUNE 2, 2021

But in this case, “the emphasis on cyber leadership in this program is a useful one. In many organizations of all sizes, cyber risks go uncontrolled because the teams responsible for tackling them don’t have robust executive sponsorship, and so providing leaders with the correct perspective to support these teams are vital.”.

Risk 79

Risk Small Business Education Cybersecurity 79

SecureWorld News

DECEMBER 7, 2022

Another change that may occur in the cyber insurance market in 2023 is the adoption of new technologies and risk management strategies by insurers. To effectively protect an organization from cyber threats, it is important for everyone from senior executives to entry-level employees be actively involved in the process.

Cybersecurity 98

Cybersecurity Cyber Insurance Insurance Social Engineering 98

eSecurity Planet

APRIL 9, 2024

Ongoing training initiatives can cover security factors beyond basic awareness, enabling personnel to spot and mitigate possible cyber risks efficiently. Is there cybersecurity training on best practices, including setting strong passwords in accordance with the organization’s policy?

Risk 108

Risk Threat Detection Data breaches Encryption 108

Centraleyes

DECEMBER 6, 2023

A thorough cybersecurity risk assessment is an essential and comprehensive way to identify vulnerabilities in your organization that a scan alone cannot catch. A cyber risk assessment will identify and prioritize your assets, show how well your controls are working, identify gaps and offer insights into cybersecurity risk mitigation.

Risk 52

Risk Cyber Risk Software Information Security 52

Digital Shadows

OCTOBER 23, 2024

Figure 3: Scattered Spider attack timeline Social Engineering: Fool Me Once, Fool Me Twice To gain initial access to the target network, the threat actor called the organization’s IT help desk and persuaded staff to reset the CFO’s account password. This isn’t the first time we’ve seen Scattered Spider target password managers.

Social Engineering 52

Social Engineering Engineering Accountability Backups 52

The Last Watchdog

MAY 30, 2023

Cyber risks from third-party vendors further complicate the situation. To navigate this, SMBs need to conduct an enterprise risk assessment, implement basic cybersecurity controls, train their workforce, and consider outsourcing cybersecurity to a security-as-a-service provider.

Cloud Migration 188

Cloud Migration Passwords Cybersecurity Cyber threats 188

SC Magazine

APRIL 14, 2021

But actually, when you put them in a scenario – “Hey… would you be sharing a password with [your boss]?” How do you handle critical information password management, dealing with password multiple passwords? But when we asked them, “Can you place these passwords in order of strength?”

Manufacturing 90

Manufacturing Security Awareness Phishing Passwords 90

SC Magazine

APRIL 14, 2021

But actually, when you put them in a scenario – “Hey… would you be sharing a password with [your boss]?” How do you handle critical information password management, dealing with password multiple passwords? But when we asked them, “Can you place these passwords in order of strength?”

Manufacturing 77

Manufacturing Security Awareness Phishing Passwords 77

SecureList

DECEMBER 10, 2020

The most common type of attack being used is brute-force , wherein criminals attempt to find the username and password for the RDP connection by trying different combinations until the correct one is discovered. Whereas in the mailshots above, only a username and password were asked for, in later ones, a phone number was also requested.

Scams 75

Scams Passwords Phishing Internet 75