Good Password Advice from the FBI

February 22, 2020 by Dave

The Portland office of the FBI released some password advice this week that was picked up by ZD Net. They suggest that just using pass phrases of multiple words, even without changes in case, numbers, punctuation, etc., is a good strategy because they’re easier for people to remember. What makes them good passwords is their length. Longer passwords take longer to crack. If you make your pass phrase long enough, it’s a good password even if its a series of words from the dictionary.

Dark Reading Attacks/Breachs

Researchers Call for 'CVE' Approach for Cloud Vulnerabilities August 6, 2021

New research suggests isolation among cloud customer accounts may not be a given -- and the researchers behind the findings issue a call to action for cloud security.

HTTP/2 Implementation Errors Exposing Websites to Serious Risks August 6, 2021

Organizations that don't implement end-to-end HTTP/2 are vulnerable to attacks that redirect users to malicious sites and other threats, security researcher reveals at Black Hat USA.

CISA Launches JCDC, the Joint Cyber Defense Collaborative August 6, 2021

"We can't do this alone," the new CISA director told attendees in a keynote at Black Hat USA today.

Incident Responders Explore Microsoft 365 Attacks in the Wild August 5, 2021

Mandiant experts discuss the novel techniques used to evade detection, automate data theft, and achieve persistent access.

Why Supply Chain Attacks Are Destined to Escalate August 5, 2021

In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for software platform vendors and security researchers to do their part to thwart the fallout of software supply chain compromises.

Multiple Zero-Day Flaws Discovered in Popular Hospital Pneumatic Tube System August 2, 2021

"PwnedPiper" flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows.

8 Security Tools to be Unveiled at Black Hat USA July 28, 2021

Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.

7 Hot Cyber Threat Trends to Expect at Black Hat July 22, 2021

A sneak peek of some of the main themes at Black Hat USA next month.

Law Firm for Ford, Pfizer, Exxon Discloses Ransomware Attack July 19, 2021

Campbell Conroy & O'Neil reports the attack affected personal data including Social Security numbers, passport numbers, and payment card data for some individuals.

US Accuses China of Using Criminal Hackers in Cyber Espionage Operations July 19, 2021

DOJ indicts four Chinese individuals for alleged role in attacks targeting intellectual property, trade secrets belonging to defense contractors, maritime companies, aircraft service firms, and others.