One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 2074683 |
| Date de publication | 2020-12-03 12:00:00 (vue: 2020-12-03 12:05:35) |
| Titre | Two cybersecurity hygiene actions to improve your digital life in 2021 |
| Texte | This blog was written by an independent guest blogger. It is that time of year again where we start planning resolutions for the coming year. A good start is putting cybersecurity on the top of the list whether you are a business or individual. According to a University of Maryland study, Hackers attack every 39 seconds, on average 2,244 times a day. It may be even higher now that more of us are working remotely because of Covid19 and the attack surface has greatly expanded in numbers and vulnerability. Clearly, with the plethora of breaches, spams, and ransomware we already experienced in 2020, we need to be better prepared in 2021. What are a couple of cybersecurity hygiene action upgrades that will improve outcomes in 2021? #1 Passwords Poor passwords have always been viewed as the low hanging fruit for hackers as the easiest way into the crown jewels of data. Yet, many still use common passwords such as #132456 #password, or birthdays that pose little barriers to letting the bad guys access your accounts, In fact, a UK National Cyber Security Centre 2019 survey analysis discovered that 23.2 million victim accounts from all parts of the world used 123456 as a password. Another 7.8 million data breach victims chose a 12345678 password. More than 3.5 million people globally picked up the word "password" to protect access to their sensitive information. Now that we have all become creatures of social media, hackers can use social engineering tactics by exploring your social media accounts that often highlight pet names (quite often used as passwords - I admit I have been guilty of that too) or other identifiable items that may give clues to passwords and interests. What is particularly alarming is that there are algorithmic programs that can also utilize public social sites and marketing information to “guess” passwords. Actions: remedies are easy to get beyond that bad habit of using easy passwords to crack. Do not use default passwords on your devices and when you do create passwords make them complicated. Consider making them long or using phrases with letters, numbers and characters. Also, do not use the same password for multiple accounts. Make it difficult for hackers to get in with one try. Make their challenges more difficult by using multifactor or biometric authentication such as a fingerprint, facial recognition, or texts to verify it is you when you sign in. And if you want to make things less stressful on your memory (we all forget our passwords), consider using a security token and/or password manager. The bottom line is that secure passwords are a basic step to stronger cyber hygiene. #2 Phishing Phishing is the tool of choice for many hackers. Phishing is commonly defined as a technique of hackers to exfiltrate your valuable data, or to spread malware. Anyone can be fooled by a targeted phish, especially when it appears to be coming as a personal email from someone higher up the work chain, or from a bank, organization or a website you may frequent. Usually the phishing malware comes via email attachments but can also be web-based. According to an analysis by Webroot, 46,000 new phishing sites are created every day and 1.385 million new, unique phishing sites are created each month. At a more granular level, the firm Wandera says that a new phishing site launches every 20 seconds. Advances in technologies have made it easier for hackers to phish. They can use readily available digital graphics, apply social engineering data, and a vast array of phishing tools, including some automated by machine learning. Phishing is often accompanied by ransomware and a tactic for hackers is to target leadership a |
| Envoyé | Oui |
| Condensat | #132456 #password 23 and another challenges enhance if it 000 123456 12345678 2019 2020 2021 244 385 access accompanied according account accounts action actions actions: adding adds admit advances advice again agile alarming algorithmic all alone already also always analysis and/or anomalies another anti antivirus any anyone appealing appears applications apply are array asking assessments attachment attachments attack authentication automated automatically available average avoid aware awareness backup bad bank barrier barriers based basic basis because become been benefits better beware beyond biometric birthdays blog blogger bottom breach breaches business but can centre certainly chain chances characters check choice chose clearly click cloud clues comes coming common commonly communications companies company complicated computer conclusion consider contemplate contest coordinate costs couple covid19 crack crafty create created creative creatures credit crown cyber cybercriminals cybersecurity data day default defense defined detection determine device devices did difficult digital discard discovered double each easier easiest easy email employees encrypted engineering especially even every example excellent exfiltrate expanded experienced exploring facial fact field fingerprint firewalls firm follow fooled forget found frequent from fruit fun funds gamification gaps get getting give globally good granular graphics greatly guest guilty guys habit hackers hanging has have higher highlight holistic hopefully how hygiene idea identifiable identities implementations important improve including independent individual information install instituted interests intrusion invest invulnerable isn’t items jewels just know lack landscape larger launches layered leadership learning less lessen letters letting level life likely line list little long lost low machine made make making malware managed management manager many marketing maryland may means media memory million monitoring month more multifactor multiple names national need needs networks new next nor not now numbers obscure often one organization organizations other outcomes outsource particularly parts password passwords patches people personal pet phish phishing phone phrases picked planning please plethora poor pop pose preferably prepared private professionals programs protect protection providers public putting quite randomly ransomware readily ready recipient recognition recommend regular regularly remedies remotely requirements resolutions risk routers rule safer same says seconds secure security see segmented sender sensitive service should sign site sites small social software some someone something sophisticated spams spear spread start step steps store stressful strong stronger study such suggest sure surface survey tactic tactics take taken target targeted targets technique technologies texts than them these thing things think threat through time times token too tool tools top training true trust try two unique university update upgrades ups use used using usually utilize valuable vast verify victim victims viewed virtual visually vpns vulnerability wandera want way web webroot website what when where whether who wifi will win word work working world written year yet your zero |
| Tags | Ransomware Data Breach Malware Tool Vulnerability Threat Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.