惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
SegmentFault 最新的问题
人人都是产品经理
人人都是产品经理
Blog — PlanetScale
Blog — PlanetScale
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Cisco Talos Blog
Cisco Talos Blog
Spread Privacy
Spread Privacy
Scott Helme
Scott Helme
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
Securelist
酷 壳 – CoolShell
酷 壳 – CoolShell
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
I
Intezer
博客园 - 叶小钗
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
雷峰网
雷峰网
量子位
Security Latest
Security Latest
P
Proofpoint News Feed
P
Privacy International News Feed
P
Palo Alto Networks Blog
D
DataBreaches.Net
大猫的无限游戏
大猫的无限游戏
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Google Online Security Blog
Google Online Security Blog
Webroot Blog
Webroot Blog
云风的 BLOG
云风的 BLOG
N
Netflix TechBlog - Medium
Vercel News
Vercel News
博客园 - 【当耐特】
C
CERT Recently Published Vulnerability Notes
Hugging Face - Blog
Hugging Face - Blog
月光博客
月光博客
Hacker News - Newest:
Hacker News - Newest: "LLM"
K
Kaspersky official blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Stack Overflow Blog
Stack Overflow Blog
AWS News Blog
AWS News Blog
博客园 - Franky
爱范儿
爱范儿
T
Tor Project blog
The GitHub Blog
The GitHub Blog
宝玉的分享
宝玉的分享
小众软件
小众软件
L
LINUX DO - 最新话题
Application and Cybersecurity Blog
Application and Cybersecurity Blog
W
WeLiveSecurity
SecWiki News
SecWiki News
L
LangChain Blog
I
InfoQ

Stories Archive - Cyber Security News

- Cyber Security News 12 Best Vulnerability Management Tools 2023 10 Best Secure web Gateway vendors in 2023 10 Most Dangerous Injection Attacks in 2023 Types of Firewall What is DNS Filtering? How Does It Work?
Types of Password Attacks
2023-06-16 · via Stories Archive - Cyber Security News

Password Attacks

An attempt to steal your password by a hacker is known as a password attack. In 2020, compromised credentials were at blame for 81% of data breaches. Types of Password Attacks

        Phishing is when a hacker impersonating a reliable entity sends you a phoney email in the hopes that you will voluntarily divulge your personal information. In some cases, they take you to phoney "reset your password" displays, while in other cases, they download malicious software onto your device. The OneLogin blog features a number of examples.

Here are a few examples of phishing: 1.Regular phishing 2.Spear phishing 3.Smishing and vishing 4.Whaling

      Man-in-the middle (MitM) attacks are when a hacker or compromised system sits in between two uncompromised people or systems and deciphers the information they're passing to each other, including passwords.

To help prevent man-in-the-middle attacks:  * Enable encryption on your router  * Use strong credentials and two-factor authentication  * Use a VPN

2. Man-in-the-Middle Attack

       A brute force attack is like using a battering ram if a password is like using a key to access a door. When a hacker tries 2.18 trillion password / username combinations in 22 seconds, your account could be targeted if your password is weak.

To assist in avoiding brute force attacks:  * Make your password complex. A mixed case, mixed character, 10 digit password is very different from an all lowercase, all alphabetic, six digit password. A successful brute force assault is less likely as your password complexity rises.  * Set up and enable remote access. If your business employs remote access management, inquire with the IT department. The risk of a brute-force attack will be reduced with an access management product like OneLogin.

To help prevent a dictionary attack:  * Never use a word from a dictionary as your password. It should never be a component of your password if you've read it in a book. * Consider employing a password management system if you must use a password rather than an access management solution.  * Take into account purchasing a password manager. Complex passwords are automatically generated by password managers, reducing the risk of dictionary attacks.

    Dictionary assaults, a sort of brute force attack, relies on our propensity to choose "basic" phrases as our passwords; the most popular of these words have been compiled by hackers into "cracking dictionaries." More complex dictionary assaults use terms that are significant to you personally, such as your birthplace, a child's name, or the name of a pet.

       If you've ever experienced a breach, you are aware that your previous passwords were probably exposed and posted on a dubious website. Accounts that never updated their passwords after a breach are vulnerable to credential stuffing. Hackers will test different combinations of the victim's old usernames and passwords in the hopes that they were never changed.

To help prevent credential stuffing:  * Change your passwords frequently. A hacker is more likely to uncover a technique to breach a password the longer it remains uncracked. 

      Malicious software called keyloggers records each keystroke and sends the information to a hacker. Typically, a user will download the programme thinking it is safe, only for it to secretly install a keylogger.

To protect yourself from keyloggers:  * Verify your physical equipment. A hardware keylogger can be installed on your workstation by someone who has access to it in order to record your keystrokes. Make sure you are familiar with all of the hardware by performing routine inspections of your computer and the environment around it.  * Do a virus check. Regularly scan your PC with a reliable antivirus programme. The most popular malware keyloggers are tracked by antivirus providers, who mark them as potentially harmful.