Good Password Advice from the FBI

February 22, 2020 by Dave

The Portland office of the FBI released some password advice this week that was picked up by ZD Net. They suggest that just using pass phrases of multiple words, even without changes in case, numbers, punctuation, etc., is a good strategy because they’re easier for people to remember. What makes them good passwords is their length. Longer passwords take longer to crack. If you make your pass phrase long enough, it’s a good password even if its a series of words from the dictionary.

Dark Reading Attacks/Breachs

Multiple Zero-Day Flaws Discovered in Popular Hospital Pneumatic Tube System August 2, 2021

"PwnedPiper" flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows.

8 Security Tools to be Unveiled at Black Hat USA July 28, 2021

Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.

7 Hot Cyber Threat Trends to Expect at Black Hat July 22, 2021

A sneak peek of some of the main themes at Black Hat USA next month.

Law Firm for Ford, Pfizer, Exxon Discloses Ransomware Attack July 19, 2021

Campbell Conroy & O'Neil reports the attack affected personal data including Social Security numbers, passport numbers, and payment card data for some individuals.

US Accuses China of Using Criminal Hackers in Cyber Espionage Operations July 19, 2021

DOJ indicts four Chinese individuals for alleged role in attacks targeting intellectual property, trade secrets belonging to defense contractors, maritime companies, aircraft service firms, and others.

NSO Group Spyware Used On Journalists & Activists Worldwide July 19, 2021

An investigation finds Pegasus spyware, intended for use on criminals and terrorists, has been used in targeted campaigns against others around the world.

Researchers Create New Approach to Detect Brand Impersonation July 16, 2021

A team of Microsoft researchers developed and trained a Siamese Neural Network to detect brand impersonation attacks.

Recent Attacks Lead to Renewed Calls for Banning Ransom Payments July 16, 2021

While attackers in protected jurisdictions continue to get massive sums for continuing to breach organizations, the ransomware threat will only continue to grow.

Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE July 15, 2021

At least two government-backed actors -- including one Russian group -- used the now-patched flaws in separate campaigns, Google says.

State Dept. to Pay Up to $10M for Information on Foreign Cyberattacks July 15, 2021

The Rewards for Justice program, a counterterrorism tool, is now aimed at collecting information on nation-states that use hackers to disrupt critical infrastructure.