Cyberattacks often target the financial industry due to the nature of the information they possess. One of the organizations that provide cybersecurity guidance and standards for financial institutions is the Federal Financial Institutions Examination Council (FFIEC). While the FFIEC does not offer specific password characteristics... Read More
News and Research
Categories
Block These Recently Leaked VPN Passwords to Prevent Ransomware Attacks [new data]
Worried about ransomware attacks? Recent attack news indicates you should be looking to secure your VPN connections. Last week, we learned that thousands of Fortinet VPN passwords had been leaked on the dark web by a former ransomware operator.... Read More
Division 1 College Football Teams and Mascots Keep Showing Up on Breached Password Lists
The Rambling Wreck of Georgia Tech may not have earned a single vote in the AP’s preseason college football Top 25 rankings, but when it comes to appearing on breached password lists, the prestigious university ranks #1. In conjunction with the... Read More
Defending Your Network from RockYou2021
In June 2021, a large data dump was posted to a popular internet hacking forum. This dataset was termed “rockyou2021,” named after the popular password brute-force wordlist known as Rockyou.txt. Media and Twitter alike were abuzz with what to... Read More
Premier League Clubs May Want to Be Relegated from This Breached Password List
Chelsea, one of England’s most successful football clubs, can add another trophy to their record today, as they rank in first place on Specops’ breached password list. This is according to our new research, ahead of the start of the Premier League 2021 season,... Read More
Introducing Live Attack Data to Specops Breached Password Protection (plus what passwords you should block right now)
Today, Specops Software released the latest update to its Breached Password Protection list. This release includes, most notably, the addition of passwords observed in real attacks. Prior to this release, Specops Breached Password Protection sources included lists of known... Read More
Pipeline Cybersecurity Initiative best practices
There is no question that ransomware attacks are on the rise. They present what is arguably the most dangerous risk to businesses today when looking at the cybersecurity threat landscape. Recently, a ransomware attack impacted the Colonial Pipeline, one of the largest fuel... Read More
Not Even Superheroes Have the Power to Stay Off of Breached Password Lists
Batman or Spiderman? Superman or Thor? Flash or Falcon? The infatuation with and intense debate over Marvel and DC superhero and villain supremacy among comic book aficionados is a year-round musing, but always intensifies during the summer months when the latest flick hits the... Read More
How to meet password requirements for PSN compliance
If you’re applying for a Public Services Network (PSN) compliance certificate, you will need to demonstrate your commitment to security and password protection. In this article we define these requirements and offer some valuable advice and solutions to help... Read More
What is the NIST guidance on password managers?
Today’s end-users are juggling many sets of credentials for accessing critical business resources. To prevent users from writing-down, reusing, or selecting weak but memorable passwords, businesses are turning to password managers. A password manager is an encrypted database used for storing, retrieving, and generating passwords. Enterprise password managers not only improve password security, but also simplify password management... Read More