This Just In: Change Your Facebook Password

Just when you thought it was safe to trust Facebook again… WIRED reports:

On Thursday, following a report by Krebs on Security, Facebook acknowledged a bug in its password management systems that caused hundreds of millions of user passwords for Facebook, Facebook Lite, and Instagram to be stored as plaintext in an internal platform. This means that thousands of Facebook employees could have searched for and found them. Krebs reports that the passwords stretched back to those created in 2012.

Pedro Canahuati, Facebook’s vice president of engineering, security, and privacy shared in a statement:

“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems…. Our login systems are designed to mask passwords using techniques that make them unreadable. To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them.”

Read more at WIRED and change your password today. Also, for better password security, consider using a service like LastPass and sign up for LifeLock for ID Theft protection.

 

By |2019-03-22T14:03:41+00:00March 22nd, 2019|Categories: Cybersecurity|

The Smarter, Better, Easier Way to Create Passwords

A series of studies from Carnegie Mellon University confirmed that passphrases like mammothundertakingsrocks are just as good at online security because hacking programs are thrown off by length nearly as easily as randomness. To a computer, poetry or simple sentences can be just as hard to crack. Even better: People are less likely to forget them.

Courtesy: Washington Post

 

 

 

By |2016-08-12T15:32:49+00:00August 12th, 2016|Categories: Cybersecurity|

Study: Email Scams Work. Here’s How to Protect Yourself

Not only are your online accounts valuable, they provide scammers with extremely convenient and quick ways to take your money. According to the abstract of a new study by Google and U.C. San Diego:

Online accounts are inherently valuable resources—both for the datathey contain and the reputation they accrue over time. Unsurpris-ingly, this value drives criminals to steal, or hijack, such accounts.In this paper we focus on manual account hijacking—account hi-jacking performed manually by humans instead of botnets. Wedescribe the details of the hijacking workflow: the attack vectors,the exploitation phase, and post-hijacking remediation. Finally we share, as a large online company, which defense strategies we found effective to curb manual hijacking.

When scammers access your account, the first thing they do is scan it for value. This means they search any references of bank statements, wire transfers and so on. If they determine that you have something worth stealing, they then reach out to your contacts pretending to be you and asking for money.

How embarrassing, right?

The best way I can think to avoid this is Google’s 2-step verification. (No, I don’t work for Google). This is a little extra step when logging into your email to prevent people at remote locations from getting into your accounts.

The above link explains how it works exactly, but the bottom line is that you will need your cell phone handy when you log-in to your email. It might sound like a pain at first but, trust me, it will save you a ton of headaches that could occur if your account gets hacked.

 

 

By |2017-06-11T22:05:50+00:00November 14th, 2014|Categories: Content, Cybersecurity|Tags: , , |