惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

K
Kaspersky official blog
Martin Fowler
Martin Fowler
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
V
Visual Studio Blog
博客园_首页
Engineering at Meta
Engineering at Meta
The Cloudflare Blog
MongoDB | Blog
MongoDB | Blog
Blog — PlanetScale
Blog — PlanetScale
T
The Blog of Author Tim Ferriss
雷峰网
雷峰网
D
Docker
博客园 - 司徒正美
S
SegmentFault 最新的问题
M
MIT News - Artificial intelligence
博客园 - 叶小钗
博客园 - 三生石上(FineUI控件)
U
Unit 42
J
Java Code Geeks
A
About on SuperTechFans
N
Netflix TechBlog - Medium
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
S
Security Affairs
I
Intezer
Cisco Talos Blog
Cisco Talos Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
B
Blog RSS Feed
P
Privacy & Cybersecurity Law Blog
T
Tenable Blog
T
Threatpost
H
Hacker News: Front Page
G
Google Developers Blog
博客园 - 【当耐特】
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research
L
Lohrmann on Cybersecurity
大猫的无限游戏
大猫的无限游戏
Google DeepMind News
Google DeepMind News
A
Arctic Wolf
S
Secure Thoughts
GbyAI
GbyAI
NISL@THU
NISL@THU
S
Security @ Cisco Blogs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Webroot Blog
Webroot Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
O
OpenAI News
Spread Privacy
Spread Privacy
Application and Cybersecurity Blog
Application and Cybersecurity Blog

Stories Archive - Cyber Security News

- Cyber Security News 12 Best Vulnerability Management Tools 2023 10 Best Secure web Gateway vendors in 2023 10 Most Dangerous Injection Attacks in 2023 Types of Firewall What is DNS Filtering? How Does It Work?
Types of Password Attacks
2023-06-16 · via Stories Archive - Cyber Security News

Password Attacks

An attempt to steal your password by a hacker is known as a password attack. In 2020, compromised credentials were at blame for 81% of data breaches. Types of Password Attacks

        Phishing is when a hacker impersonating a reliable entity sends you a phoney email in the hopes that you will voluntarily divulge your personal information. In some cases, they take you to phoney "reset your password" displays, while in other cases, they download malicious software onto your device. The OneLogin blog features a number of examples.

Here are a few examples of phishing: 1.Regular phishing 2.Spear phishing 3.Smishing and vishing 4.Whaling

      Man-in-the middle (MitM) attacks are when a hacker or compromised system sits in between two uncompromised people or systems and deciphers the information they're passing to each other, including passwords.

To help prevent man-in-the-middle attacks:  * Enable encryption on your router  * Use strong credentials and two-factor authentication  * Use a VPN

2. Man-in-the-Middle Attack

       A brute force attack is like using a battering ram if a password is like using a key to access a door. When a hacker tries 2.18 trillion password / username combinations in 22 seconds, your account could be targeted if your password is weak.

To assist in avoiding brute force attacks:  * Make your password complex. A mixed case, mixed character, 10 digit password is very different from an all lowercase, all alphabetic, six digit password. A successful brute force assault is less likely as your password complexity rises.  * Set up and enable remote access. If your business employs remote access management, inquire with the IT department. The risk of a brute-force attack will be reduced with an access management product like OneLogin.

To help prevent a dictionary attack:  * Never use a word from a dictionary as your password. It should never be a component of your password if you've read it in a book. * Consider employing a password management system if you must use a password rather than an access management solution.  * Take into account purchasing a password manager. Complex passwords are automatically generated by password managers, reducing the risk of dictionary attacks.

    Dictionary assaults, a sort of brute force attack, relies on our propensity to choose "basic" phrases as our passwords; the most popular of these words have been compiled by hackers into "cracking dictionaries." More complex dictionary assaults use terms that are significant to you personally, such as your birthplace, a child's name, or the name of a pet.

       If you've ever experienced a breach, you are aware that your previous passwords were probably exposed and posted on a dubious website. Accounts that never updated their passwords after a breach are vulnerable to credential stuffing. Hackers will test different combinations of the victim's old usernames and passwords in the hopes that they were never changed.

To help prevent credential stuffing:  * Change your passwords frequently. A hacker is more likely to uncover a technique to breach a password the longer it remains uncracked. 

      Malicious software called keyloggers records each keystroke and sends the information to a hacker. Typically, a user will download the programme thinking it is safe, only for it to secretly install a keylogger.

To protect yourself from keyloggers:  * Verify your physical equipment. A hardware keylogger can be installed on your workstation by someone who has access to it in order to record your keystrokes. Make sure you are familiar with all of the hardware by performing routine inspections of your computer and the environment around it.  * Do a virus check. Regularly scan your PC with a reliable antivirus programme. The most popular malware keyloggers are tracked by antivirus providers, who mark them as potentially harmful.