Category Archives: Passwords

Passwords often make headlines. They are at the heart of our daily lives. All our access, whether private or for work, is protected by a password.

World Password Day as seen by Kaspersky

Each year, World Password Day falls on the first Thursday in May.

It is an opportunity to take an honest look at the different ways this method of protecting logins is used, and at computer security hygiene as a whole. Although it is criticized on all sides, we cannot deny that the password is the main way to protect logins and the use of digital services.


In terms of the security of personal data, this is an issue that is still relevant today. Indeed, the massive use of digital solutions forces Internet users to constantly leave information about themselves on every platform they use. According to a study conducted by DoubleVerify, the daily time a user spends in front of online content has doubled since the coronavirus pandemic. Today it is 6 hours 59 minutes.

According to a study by Kaspersky called "Consumer appetite versus action: The state of data privacy amid growing digital dependence":

  • 31% of those surveyed said they had experienced an intrusion into their digital device;
  • Half of them admitted to having suffered financial losses;
  • 28% of users say they have either been the victim of computer hacking or attempted intrusion, especially on social networks.

Given all this, the relevance of passwords is being called into question, especially with the rise of authentication practices such as biometrics and two-factor authentication. Even so, computer security researcher Ivan Kwiatkowski says that the password remains one of the most effective techniques to protect against cyber malice.

"The proliferation of sites requiring a password has led to the limitations of memory: how to remember a hundred (minimum) secret codes generated for a multitude of online services? The acceleration of digital usage has involved changes in security practices, including the use of the password. A data leak on one of the sites where an account is available, or a brute force attack will then become particularly serious if it allows the attacker to access all of a victim's accounts," he notes.

"That's where the need for the strong password comes in. When the password is found in the wild and a malicious individual wants to obtain it, the number and variety of characters will impact the time it takes to decipher. If the attacker manages to discover the original password, another type of attack comes into play: credential stuffing, which involves testing logins and passwords on many websites. The unique password is then required so that a security flaw only has an impact on the site where it was used," he adds.

Even as other means of protection develop, is the password doomed to a certain end?

"No, even if it no longer exists in its original form thanks to very useful tools: password managers that exist in open source form, via dedicated tools like KeePass, Mooltipass or via publishers (Kaspersky Password Manager for example). They generate complex passwords and memorize them. No excuse not to use them because some of these tools are free. Most of these managers offer the ability to synchronize data on our various devices. Perfectly secure, if used well, these managers can restore the crest of this first bulwark against account compromises: the password. All we have to do is remember the unique input sesame to the tool and then let the password manager do everything else," Kaspersky's expert explains.

The password remains essential. Whatever people say, it would be difficult to get rid of it, because all alternative methods of securing accounts also have their drawbacks.


Bringing passwords back into our security habits

May 6 is considered World Password Day.

Each year, this event is celebrated as a reminder that computer security as we know it today is the result of a long evolution. The password is one of the first systems to have been developed to protect connections and sessions. Today, while the proliferation of cyberattacks casts doubt on its effectiveness, its use remains essential.


Passwords per se are not a security issue. Rather, it is the practices surrounding them that make them vulnerable. A strong password can be reliable and protect any biometric data. But it is not as simple to grasp as average users believe.

"Many users still define the same password for all of their online accounts. This is a very risky practice, because once an account is compromised, the attacker has access to a wider variety of assets. Beyond this reuse, the definition of obvious passwords, such as 12345 or azerty, not updating them regularly, storing them within reach of the computer or sharing them with third parties are a royal route for cyber criminals. All of these bad practices increase the risk of a breach for a company because an attacker can more easily steal or hack these passwords. In view of the continued growth in the number of cyber threats, it is essential to train employees, to make them aware of good practices that enable effective management of identifiers and, above all, to build a strong first line of defence," explains Pierre-Louis Lussan, Country France and South-West Europe Director at Netwrix.

"Another important step is to use a password management software application that generates and then retrieves complex credentials and stores them in an encrypted database. In addition, using a password expiration tool that automatically reminds users to change their credentials before they expire is also an effective solution. This allows for regular combination changes without overloading the IT service with calls to reset expired passwords," advises our expert.

It is well known today that poor password management can have very dramatic consequences. This applies not only to businesses but also to individuals. Cyber criminals are on the lookout for the slightest lapse, the slightest negligence in this area to launch a computer attack. It is for this reason that the attention of information system security officers. "If IT professionals can't update and secure the passwords of these privileged accounts, cybercriminals can hack them more easily and access the organization's network. Then, they can use compromised administrator credentials to bypass access controls on various computer resources or systems in order to access sensitive data," says Pierre-Louis Lussan.


The password dies hard, even in the Fortune 500

Today, computer security awareness is becoming increasingly exciting in many ways.

In a way, we realize that cybersecurity is becoming something important to businesses but also to individuals.

A recent study by NordPass, a Nord Security subsidiary that publishes password manager software, highlighted that even Fortune 500 companies are in the habit of using very poorly chosen passwords.


The study carried out by the password manager company is based on the analysis of data collected by hackers on several occasions, during several computer attacks.

The companies involved were grouped by industry, ranging from health through trade, telecommunications, finance and agriculture to aeronautics.

Across these, the company observed nearly 15,603,438 breaches.

In almost all categories, the same passwords come up every time, passwords that have long been discouraged: "password" and "123456".

Generally, the information stolen during these computer attacks subsequently ends up exposed online.

Unfortunately, the careless use of very poorly chosen passwords is widespread. And this even in 5pm IT companies.

"For years, cybersecurity experts have recommended using a complex alphanumeric password with special characters and several breaks. It is also advisable to use a different password for each of the services used. However, faced with the limit of human memory, password managers can generate unique, ultra-secure combinations that the user no longer needs to remember through an automatic filling system," NordPass explains in its report.

As a result, one wonders how to protect against this kind of conduct. One thing is for sure: in an organization, there will always be an employee who, in one way or another, will continue to choose passwords in this way. This will therefore have to be dealt with by ensuring that it cannot have too serious an effect on the company.


Computer attack on SolarWinds: intern singled out for password leak

Recently, the CEO of the Texan company SolarWinds pointed the finger at an intern for allegedly enabling a password leak.

However, no link has been established between this leak and the attack suffered by the American company.


As a reminder, the cyberattack affected Orion, software provided by SolarWinds, and through it cyber criminals managed to gain access to the information systems of several companies that are clients of the Texan company. The hack, it must be said, has been described as one of the most serious of the decade. Several large companies were hit hard, including Microsoft and the computer solutions publisher FireEye, not to mention U.S. government agencies, including the nuclear agency.

Recently something quite surprising was discovered: the password "solarwinds123", associated with one of the company's servers.

SolarWinds owes its notoriety to an unfortunate event. As far as the password is concerned, the error was attributed to an intern.

"I have a stronger password than 'solarwinds123' to prevent my children from watching too much YouTube on their iPads," said U.S. Rep. Katie Porter. "You and your company were supposed to prevent the Russians from reading the emails from the Ministry of Defense!"

In a press release from the Parliamentary Committee on Control and Reform, former SolarWinds CEO Kevin Thompson said, "They violated our password policy and published the password on an internal account, on their own private GitHub account."

According to information provided by the company, the problem with this password dates back to 2018, or even earlier. According to the researcher who discovered this data leak, the password had already been available on the internet since June 2018. Yet the problem was solved only in 2019. According to the current CEO of the Texan company, this security breach dates back to 2017. "I believe it was a password that an intern used on one of his GitHub servers in 2017, which was reported to our security team and was immediately deleted," said Sudhakar Ramakrishna, the current CEO of SolarWinds.

The U.S. government's investigation is still ongoing to shed more light on this matter. However, this case could take several months. For his part, Kevin Mandia, CEO of the security company FireEye, says it will never be possible to determine the extent of this computer attack.

"The end result: we may never know the scope and extent of the damage, and we may never know to what extent the stolen information benefits an opponent," Mandia said. However, with everything that is going on, it is likely that a mere intern could be blamed for having caused it.

However, not everyone sees it that way. According to researcher Thaddeus E. Grugq, it is not necessary for intelligence services to have open access to a victim's weak password to access a computer system. "If that's what they use, then that's what they use, but it's not the deciding factor for the operation," explains the researcher. "The SolarWinds backdoor was deeply embedded in the code, it was injected during their construction process, and it is not possible that the server with a weak password was the determining factor. As if the Russian secret services would give up if there was a strong password instead! (…) There is virtually no chance that the server password had any relation to the hacking as a whole," he adds.

Quoting from the book "Network Attacks and Exploitation: A Framework," Thaddeus E. Grugq said: "The offence is regularly underestimated. When companies are hacked, they react as if, had they done only one thing or avoided a single mistake, everything would have been correct. The opponent is treated as if he had just been lucky."

The example of the password here only highlights that, despite awareness efforts, people continue to have bad password practices, as they do in security in general. "I strongly agree with the 'this is an example of bad safety practice', but… that is not what has been said. They literally said that the weak password means that the attacker can be anyone. Anyone can do it. This is the most absurd suggestion (…) I am perfectly willing to believe that their compilation servers used "admin:admin" and that's how the Russians had access to their code… but it was a covert intelligence operation. They didn't succeed just because SolarWinds had poor password hygiene."


Security company finds thousands of stolen passwords exposed on Google without any protection

Recently, a phishing campaign was publicly revealed by the American computer security company Check Point.

Thousands of login credentials, in this case passwords, were exposed in plain text on Google. The passwords had been stolen from companies in rather sensitive sectors such as energy and construction. Once successful, the hacker used two WordPress sites to host the stolen login data. Unfortunately for them and for the victims, these websites were indexed by Google, making the information accessible to anyone using the search engine.

In practice, the Mountain View giant detects an average of nearly 18 million malware and phishing emails per day. As a result, it is not uncommon for the search engine to automatically index a platform that contains stolen data. That is certainly what happened in our case.


The energy and construction sectors were apparently the hackers' targets in this phishing campaign, for some reason. A data leak in this context is quite a delicate matter. Indeed, a simple search is all it takes for anyone to find this information and, of course, use it as they see fit.

To send their phishing emails more easily, the hackers used a Linux server hosted on Microsoft Azure, as well as hacked email addresses that were supposed to help deflect suspicion. The phishing email carried an HTML file as an attachment. This file included JavaScript code that collected some of the victims' information and then directed them to a login page showing a classic form.
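A mail gateway can flag the kind of lure described above before it reaches a user. The following is an added example, not code from Check Point or from this article: it scans a message for HTML attachments that contain script, a password field or a form posting to a remote address. The names `MarkupFinder` and `scan_message` are hypothetical, and the sample message is constructed.

```python
import email
from email import policy
from html.parser import HTMLParser

# Constructed sample message (not taken from the campaign described above).
SAMPLE_EML = """\
From: scanner@example.com
Subject: Scanned document
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please see the attached scan.
--b1
Content-Type: text/html; name="scan.html"
Content-Disposition: attachment; filename="scan.html"

<html><body><script>var u = "placeholder";</script>
<form action="https://login.example.net/post"><input type="password" name="p"></form></body></html>
--b1--
"""

class MarkupFinder(HTMLParser):
    """Collects markup traits typical of a credential-harvesting page."""
    def __init__(self):
        super().__init__()
        self.findings = set()
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script":
            self.findings.add("script")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.findings.add("password-field")
        elif tag == "form" and (a.get("action") or "").lower().startswith(("http://", "https://")):
            self.findings.add("remote-form-action")

def scan_message(raw):
    """Return {attachment name: sorted findings} for every HTML attachment."""
    msg = email.message_from_string(raw, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if part.get_content_type() == "text/html" or name.lower().endswith((".html", ".htm")):
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            finder = MarkupFinder()
            finder.feed(body)
            report[name] = sorted(finder.findings)
    return report
```

An attachment that reports all three findings is a strong candidate for quarantine or for stripping before delivery.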

"While this attack may seem simple, it has managed to[…] steal the identifiers of more than a thousand employees," says computer security solutions publisher Check Point.

Apparently the cyber criminals who stole this information have indcried domain name on WordPress to host their information. The problem is that they used already-known domain names. This clearly made indexing by Google's search engine easier. The problem is that the server will have to stay online for 2 months if the hackers decide to get rid of it.

"Attackers generally prefer to use compromised servers instead of their own infrastructure because of the recognized reputation of existing sites," says Check Point. "The more a reputation is recognized, the more likely it is that the email will not be blocked by security providers."

According to Check Point, it has notified Google. For now, we are waiting to see whether the search engine will remove the data.
