#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Specops Password Auditor | Breaking Cybersecurity News | The Hacker News

Category — Specops Password Auditor
What's the State of Credential theft in 2023?

What's the State of Credential theft in 2023?

Aug 16, 2023
At a little overt halfway through 2023, credential theft is still a major thorn in the side of IT teams. The heart of the problem is the value of data to cybercriminals and the evolution of the techniques they use to get hold of it. The  2023 Verizon Data Breach Investigations Report (DBIR)  revealed that 83% of breaches involved external actors, with almost all attacks being financially motivated. Of these breaches by external actors, 49% involved the use of stolen credentials.  We'll explore why credential theft is still such an attractive (and successful) attack route, and look at how IT security teams can fight back in the second half of 2023 and beyond. Users are still often the weak link The hallmarks of many successful cyberattacks are the determination, inventiveness, and patience threat actors show. Though a user may spot some attacks through security and awareness training, it only takes one well-crafted attack to catch them. Sometimes all it takes is for a user to be
A Hackers Pot of Gold: Your MSP's Data

A Hackers Pot of Gold: Your MSP's Data

Feb 09, 2023 Password Security
A single ransomware attack on a New Zealand managed service provider (MSP) disrupted several of its clients' business operations overnight, most belonging to the healthcare sector. According to the country's privacy commissioner, " a cyber security incident involving a ransomware attack " in late November upended the daily operations of New Zealand's health ministry when it prevented the staff from accessing thousands of medical records. The Ministry of Justice, six health regulatory authorities, a health insurer, and a handful of other businesses also number among those affected by second-hand damage from the attack. There are ways to  recover from a ransomware attack , but the damage often extends into that attacked organization's customers and vendors.  The targeted MSP in this incident is Mercury IT, a business based in Australia. Te Whatu Ora, the New Zealand health ministry, was unable to access at least 14,000 medical records because of the outage at
Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes

Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes

Oct 28, 2024Operational Technology / Cybersecurity
Operational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly automated. Diagnostics, maintenance, upgrade and adjustments to these critical systems are done remotely, often by third-party vendor technicians. This highlights the importance of proper secure remote access management for industrial control systems (ICS).  Learn more in our Buyer's Guide for Secure Remote Access Lifecycle Management .  We at SSH Communications Security (SSH) have been pioneering security solutions that bridge the gap between IT and OT in privileged access management . Let's investigate how we helped two customers solve their critical access control needs with us. Secure Remote Access Around the Globe to 1000s of Ships  In the maritime industry, ensuring secure and e
A Secure User Authentication Method – Planning is More Important than Ever

A Secure User Authentication Method – Planning is More Important than Ever

Jan 16, 2023 Identity Management / MFA
When considering authentication providers, many organizations consider the ease of configuration, ubiquity of usage, and technical stability. Organizations cannot always be judged on those metrics alone. There is an increasing need to evaluate company ownership, policies and the stability, or instability, that it brings. How Leadership Change Affects Stability In recent months, a salient example is that of Twitter. The Twitter platform has been around since 2006 and is used by millions worldwide. With many users and a seemingly robust authentication system, organizations used Twitter as a primary or secondary authentication service. Inconsistent leadership and policies mean the stability of a platform is subject to change, which is especially true with Twitter as of late. The ownership change to Elon Musk precipitated widespread changes to staffing and policies. Due to those changes,  a large portion of staff was let go , but this included many individuals responsible for the techn
cyber security

AWS EKS Security Best Practices [Cheat Sheet]

websiteWiz.ioCloud Security / Kubernetes
Unlock this one-stop resource for mastering EKS security best practices and safeguarding your cloud-native applications.
Fixing the Weakest Link — The Passwords — in Cybersecurity Today

Fixing the Weakest Link — The Passwords — in Cybersecurity Today

Mar 11, 2021
Password security has long been an issue for businesses and their cybersecurity standards. Account passwords are often the weakest link in the overall security posture for many organizations. Many companies have used Microsoft's default password policies for decades. While these can be customized, businesses often accept the default values for their organization. The Windows default password policy is a good start, but are there security vulnerabilities associated with it? Let's look at the current recommendations from leading cybersecurity authorities and see how they measure up against the Windows default password policy. Windows default password policy settings Many, if not most, business environments today use Microsoft Active Directory as their identity and access management solution in the enterprise. Active Directory has served organizations in this capacity for decades.  One of the built-in capabilities provided by Microsoft Active Directory Domain Services (ADDS)
Expert Insights / Articles Videos
Cybersecurity Resources