Hackers Do Not Collect Stamps – They Pursue Your Data
Take a glance at the most discussed cybersecurity topics of the week.If you have a huge collection of stamps that you tenderly name “Collection #1”, here is its direct competitor. An obvious but motivating statement – a human error is the most frequent reason of data insecurity.
Sweet (hackers’) dreams are made of this – the largest collection of breached data is found
The Guardian on January 17, 2019
It definitely deserves your attention.
If you have a huge collection of stamps that you tenderly name “Collection #1”, here is its direct competitor.
The largest collection of breached data, consisting of the 770m compromised email addresses and passwords, posted to a popular hacking forum in December. Troy Hunt, a security researcher who discovered this 87GB data dump, proposed it was probably “made up of many individual data breaches from literally thousands of different sources”.
Security experts emphasize that Collection#1 reveals the need for consumers to use a unique password for each account or application they have and to pay attention to password managers to ease the storage of this information.
Are you sure that your data is not the piece of “Collection #1 Breach”?
Forbes on January 17, 2019
Although there were other huge hacks like Yahoo’s incident, affecting 3 billion users, “Collection #1 Breach” is different and cannot be down to one site. The breached data collection consists of information of more than 2,000 multiple resources.
But do not worry – there is an algorithm to find out if your email and passwords are exposed. First, you need to visit “Have I Been Pwned” site, type in your email and search it in the list of compromised data. Moreover, you can check the reliability of your passwords via the “Pwned Passwords” feature.
If you find that you were affected by the breach, resetting the passwords will not be enough. In addition to the password complexity, accounts should be verified by two-factor authentication.
Cyberattack performed live
Adweek on January 11, 2019
Imagine you are an employee of a small shop. Yet another workday is about to begin, you turn your computer on and open the window blinds, waiting for the first customers. Suddenly, you discover that there is a mirror-image shop across the street, totally copying the storefront and even the staff uniform of your workplace. Sounds confusing!
Actually, the employees at the Brompton Bicycle shop experienced the same situation. More precisely, it was a security stunt initiated by the execs to illustrate the staff the tangible impact of cyber attacks on businesses and how they would look like in a real life. A video of the experiment also shows a sudden crowd of customers, descending on the Brompton team, and other provocative situations.
Have you guessed the characteristics of DDoS attacks, flooding your website like the crowd of customers? Or phishing that threatens the secret developments of your company?
Privacy mistakes that you may overlook – minimizing human error
Dark Reading on January 15, 2019
An obvious but motivating statement – a human error is the most frequent reason of data insecurity. Here is the list of possible privacy mistakes that security pros may overlook in colleges’ experience:
- An accidental email. Clicking the first email that pops up when an employee starts typing the address can cause sending a letter to the malefactors.
- A corporate email, forwarded to a friend, spouse, or personal account may disclose a company’s confidential information.
- Adding a new person to an email string who should not have access. To avoid unwilling expose of information, use AI technologies that control access to this data.
- A ‘sync and share’ causes a potential data breach. Rethink the BYOD policy of your company.
- Leaving old accounts open provides hackers with great opportunities for launching widespread attacks.
- Sending unencrypted corporate data or emails over a company’s network may have unpredictable consequences.