Troy Hunt

FEBRUARY 27, 2018

When I launched Pwned Passwords V2 last week , I made it fast - real fast - and I want to talk briefly here about why that was important, how I did it and then how I've since shaved another 56% off the load time for requests that hit the origin. Why Speed Matters for Pwned Passwords. And a bunch of other cool perf stuff while I'm here.

Passwords 199

Passwords Internet Internet Architecture 199

SiteLock

AUGUST 27, 2021

This is the reality for many website owners, and now more than ever, they need to be on alert for cyberattacks in 2018. Cybercriminals can encrypt their backdoor files with a decoding key that only they possess, meaning, no one else has access to their malicious file. Protect your website and your visitors in 2018 and beyond.

Malware 52

Malware Engineering Phishing Accountability 52

Security Affairs

OCTOBER 23, 2018

The flaw affects the process implemented by the Signal Desktop application to encrypt locally stored messages. Signal Desktop application leverages an encrypted SQLite database called db.sqlite to store the user’s messages. The encryption key is used each time Signal Desktop application accessed the database.

Encryption 85

Encryption Passwords Advertising Engineering 85

The Last Watchdog

DECEMBER 17, 2018

Facebook was very lucky, indeed, that its misdeeds happened before May 25, 2018. According to research by one law firm, pre-GDPR regulatory fines had almost doubled , on average, between 2017 and 2018, up from £73,191 to £146,412. Heathrow Airport was fined £120,000 when it lost a USB stick containing non-encrypted and sensitive data.

Encryption 157

Encryption Data privacy Data breaches Technology 157

Security Affairs

JANUARY 8, 2021

“The loader decrypts the malicious malware and executes it using memfd create (as described in this blog in 2018). Upon executing the code, it will ask the user the path for the payload to be encrypted and the password to be used for AES encryption to hide the malware within the loader.

Malware 129

Malware Encryption Antivirus Passwords 129

Troy Hunt

JUNE 25, 2018

thanks @troyhunt for the excellent @haveibeenpwned service that notifies users of #privacy disasters like this :) [link] pic.twitter.com/jlqnKXteDG — Yale Privacy Lab (@YalePrivacyLab) June 4, 2018. I at least know about it, thx to @haveibeenpwned — Tim Plas (@TJPlas) June 3, 2018. ticketfly a heads up would have been nice.

Passwords 273

Passwords Data breaches Password Management Accountability 273

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 135

Accountability VPN Software Antivirus 135

Malwarebytes

MAY 28, 2021

In this blog, we’ll home in on Conti, the strain identified by some as the successor, cousin or relative of Ryuk ransomware , due to similarities in code use and distribution tactics. The files are then held for ransom and the victim is threatened by data loss, because of the encryption, and leaking of the exfiltrated data.

Healthcare 107

Healthcare Ransomware Encryption Passwords 107

Krebs on Security

APRIL 22, 2019

The software is broadly classified as malware by most antivirus companies, likely thanks to an advertised feature list that includes dumping the remote computer’s temporary memory; retrieving passwords from dozens of email programs; snarfing the target’s Wi-Fi credentials; and viewing the target’s Webcam.

Advertising 203

Advertising Antivirus Software Malware 203

NopSec

MAY 17, 2022

The most common (also deprecated) method of authentication is NTLM, which is a challenge/response protocol that authenticates a user without the user sending their password across the network. The challenge is then encrypted by a hash of the user’s password, and sent to the server. Don’t be that guy!!

Authentication 52

Authentication Passwords Accountability Encryption 52

Troy Hunt

JANUARY 10, 2018

agarwal_mohit) January 5, 2018. I think the URL is right but it seems inaccessible from other countries: [link] — Troy Hunt (@troyhunt) January 9, 2018. Security /= George blocking — Vatsalya Goel (@vatsalyagoel) January 9, 2018. They claim that they're hack-proof. Can you prove otherwise? travelling).

Hacking 279

Hacking Government Risk Encryption 279

The Last Watchdog

APRIL 4, 2022

According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.” A primary culprit of these attacks is the lack of understanding of application programming interfaces, or APIs.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Krebs on Security

FEBRUARY 18, 2019

government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. That changed on Jan.

DNS 271

DNS Internet Internet Government 271

Krebs on Security

FEBRUARY 23, 2019

19, Apex was alerted that its systems had been infected with a destructive strain of ransomware that encrypts computer files and demands payment for a digital key needed to unscramble the data. “When they encrypt the data, that happens really fast,” he said. Roswell, Ga. on Tuesday, Feb. More than a week later on Jan.

Backups 234

Backups Ransomware Encryption Internet 234

eSecurity Planet

DECEMBER 3, 2021

Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Facebook Plans on Backdooring WhatsApp [link] — Schneier Blog (@schneierblog) August 1, 2019. Normally account take overs are due to insecure passwords or recovery options, this is definitely something different.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Security Affairs

OCTOBER 17, 2018

At a first sight, the office document had an encrypted content available on OleObj.1 Those objects are real Encrypted Ole Objects where the Encrypted payload sits on “EncryptedPackage” section and information on how to decrypt it are available on “EncryptionInfo” xml descriptor. Stage1: Encrypted Content.

Malware 84

Malware Computers and Electronics Encryption Penetration Testing 84

SiteLock

SEPTEMBER 29, 2021

Researchers and security firms have linked REvil as a strain of GandCrab, another RaaS group that was wildly popular in 2018. REvil ransomware is a file-blocking virus that encrypts files after infection and shares a ransom request message. Use a password manager to generate and track your passwords.

Ransomware 52

Ransomware Computers and Electronics Backups Passwords 52

Thales Cloud Protection & Licensing

FEBRUARY 22, 2018

Findings from the 2018 Federal Edition of the Data Threat Report. So far in 2018, we’ve already seen a handful of government agency mishaps when it comes to security. Breaking barriers with encryption. To see the full results of the Federal Edition of the 2018 Global Data Threat Report, please click here.

Data breaches 86

Data breaches Threat Reports Encryption Mobile 86

CyberSecurity Insiders

OCTOBER 14, 2021

This blog was written by an independent guest blogger. Ransomware attacks like the ones carried out by OnePercent Group have been crippling businesses across the country since the FBI first reported a 37% uptick in cybercrime in 2018. Encrypt all sensitive company data. Ensure all web traffic is encrypted with SSL or TLS.

Social Engineering 133

Social Engineering Ransomware Engineering Phishing 133

SecureList

DECEMBER 14, 2021

If that’s the case, the username, password, user’s IP address and current timestamp are stored in a file at C:WindowsTempaf397ef28e484961ba48646a5d38cf54.db.ses. The result of the command is encrypted (as previously described) and returned to the operator.

Authentication 108

Authentication Encryption Accountability Passwords 108

Troy Hunt

APRIL 17, 2018

link] — Nodestack (@NodestackUK) April 12, 2018. In the case above, HostGator was being taken to task for storing passwords in a retrievable fashion (i.e. gdlinux — Guardian Digital (@gdlinux) April 13, 2018. — Jason Snelders (@JasonSnelders) April 12, 2018. I'll come back to that.

Media 211

Media Advertising Accountability Marketing 211

SecureList

SEPTEMBER 28, 2023

This blog post contains excerpts from those reports. ASMCrypt As mentioned in our previous blog post , we monitor many underground forums. After selecting all the desired options and pressing the build button, the application creates an encrypted blob hidden inside a.png file.

Banking 97

Banking Malware Cybercrime Encryption 97

Anton on Security

JUNE 10, 2022

A password manager claimed “zero trust for passwords” while a SIEM/UEBA vendor promised to reveal all zero trust secrets (I bet they use VPN internally…). Data security : it has happened for a few years, but somehow data security (whether encryption or DLP or some new space) has been less noisy lately, nobody seems to be disrupting it.

VPN 189

VPN Marketing Firewall Passwords 189

Troy Hunt

MAY 7, 2018

The correct answer to this question is: The traffic between the browser and the webshop is encrypted. cc @troyhunt pic.twitter.com/bRM5BnVC6l — Tim Skauge (@tims) May 3, 2018. Most notably, they're now free through services like Let's Encrypt and Cloudflare and they're dead easy to setup so there goes another barrier too.

Phishing 116

Phishing Encryption Education Risk 116

Thales Cloud Protection & Licensing

SEPTEMBER 12, 2019

At the 2018 Winter Olympic Games held in PyeongChang, for instance, cyber criminals leveraged a previously unknown family of malware called Olympic Destroyer to attack the Games’ servers just before the opening ceremony. Unfortunately, digital criminals are also closely following the buzz surrounding this tournament.

IoT 105

IoT Internet Internet VPN 105

Lenny Zeltser

MAY 3, 2019

Use a password vault, avoiding password reuse. Use encrypted chat for sensitive discussions. Minimize the use of email, if practical, in favor of closed-group, encrypted messaging tools. Encrypt your network communications and watch out for security warnings. Change default passwords for devices and apps.

Cybersecurity 111

Cybersecurity Social Engineering Authentication Software 111

Thales Cloud Protection & Licensing

JULY 3, 2018

12345678 and “password” are not strong passwords. To develop a strong password use a phrase and add some numbers and symbols – but make sure it’s not a quote from your Facebook page! I saved the best for last as encryption is what we do at Thales, we protect the most sensitive data for organizations around the globe.

Encryption 63

Encryption Passwords Data breaches Education 63

The Last Watchdog

MARCH 13, 2019

more than the $646 billion spent in 2018. Many of the IoT sensors hoovering up sensitive personal and business data, and the routers this data flows through, for instance, have weak or non-existent passwords and lack a uniform way to patch inevitable software vulnerabilities that turn up.

Internet 189

Internet Internet IoT Energy and Utilities 189

Thales Cloud Protection & Licensing

APRIL 23, 2018

According to Data Threat Report for 2018 , the majority of businesses don’t just operate in one cloud environment in a single location, but multiple. Amongst these, we believe the most effective is the deployment of encryption with key management technology. The numbers are truly revolutionary.

Digital transformation 75

Digital transformation Encryption Technology Big data 75

Security Boulevard

JULY 11, 2021

However, this all changed with the advent of stronger encryption schemes in the ransomware code and especially the availability of cryptocurrency as a payment method which is fairly difficult to track by law enforcement. The script further on encrypted the systems. Why did Kaseya fail to address these inherent security issues?

Ransomware 119

Ransomware Software Encryption Risk 119

The Last Watchdog

MAY 11, 2020

In May 2017, the Saudi Arabian Monetary Authority (SAMA) rolled out its Cyber Security Framework mandating detailed data security rules, including a requirement to encrypt and containerize business data in all computing formats. This column originally appeared on Avast Blog.). Cyber hygiene isn’t difficult.

Computers and Electronics 113

Computers and Electronics Data privacy Encryption Media 113

Security Affairs

NOVEMBER 21, 2018

” reads the post on KrebsonSecurity blog. The good news is that it seems that API doesn’t expose USPS account passwords. Krebs also pointed out that a vulnerability assessment of Informed Visibility was published in October 2018 by the USPS’s Office of Inspector General (OIG). ” continues Krebs.

Accountability 79

Accountability Advertising Encryption Authentication 79

Krebs on Security

MARCH 1, 2022

Conti makes international news headlines each week when it publishes to its dark web blog new information stolen from ransomware victims who refuse to pay an extortion demand. Plus, he somehow encrypted the config, i.e. he had an encoder and a private key, plus uploaded it all to the admin panel. nl — circa October 2018.

Ransomware 276

Ransomware Healthcare Cybercrime Government 276

Security Affairs

APRIL 12, 2019

Figure 2: password required to view and modify macros on document. The first peculiarity of the malicious document is the protected macro, in fact, when the user tries to read it immediately shows a message box asking for password. The blog post, in fact, explains both AMSI and BlockLogging disabling techniques.

Malware 85

Malware Passwords Advertising Government 85

Security Boulevard

JUNE 10, 2022

A password manager claimed “zero trust for passwords” while a SIEM/UEBA vendor promised to reveal all zero trust secrets (I bet they use VPN internally…). Data security : it has happened for a few years, but somehow data security (whether encryption or DLP or some new space) has been less noisy lately, nobody seems to be disrupting it.

VPN 116

VPN Marketing Firewall Passwords 116

SecureList

NOVEMBER 1, 2022

KeyPlug is a modular backdoor with the capability of communicating to its server via several network communication protocols set in its XOR-encrypted embedded configuration block. Kaspersky first discovered this malware in 2018, together with the CVE-2018-8453 vulnerability. In 2019, SoleDragon was also deployed through Skype.

Malware 141

Malware Ransomware Spyware Encryption 141

NopSec

JULY 28, 2023

Good news for blog content, but less so for production networks. On the hardware side of the spectrum, researchers discovered that AMD Zen2 CPUs are vulnerable to a memory dump vulnerability that could result in unintended disclosure of neat things like encryption keys and passwords. No privileged access required.

Authentication 52

Authentication Encryption Risk Passwords 52