David Phillips’ Post

🛡️ Stay one step ahead of cyber threats! Discover expert tips on enhancing your digital safety and securing your sensitive info. 🚀💻 #CyberSecurity #DigitalSafety

In case you missed it: RockYou2024 dumped nearly 10 BILLION passwords on the web last week. If you still use similar passwords between accounts, now's the time to change them. Still not using a password manager? It's overdue! Want to know if you're affected? Details are limited due to the number of records listed (it takes a long time to parse 10 billion records), but you can find out some basic leak information related to your email address thanks to CyberNews. Visit this site to check for leaks affecting you: https://lnkd.in/gN_PFH4Y #cybersecurity

🛡️ Stay one step ahead of cyber threats! Discover expert tips on enhancing your digital safety and securing your sensitive info. 🚀💻 #CyberSecurity #DigitalSafety

What is Password Policy? | How a Strong Password Policy Protects Your Data? A Password Policy is a set of rules designed to enhance the security of accounts by enforcing strong password creation and manage`ment practices. In this video by InfosecTrain, we explore what a password policy entails, why it is essential for both individuals and organizations, and how it helps prevent unauthorized access. Learn about the best practices for creating secure passwords, the importance of password expiration, multi-factor authentication, and more. Stay ahead of cyber threats by implementing an effective password policy today! Watch here - https://lnkd.in/gFHgZDXG #InfosecTrain #dataprotection #PasswordPolicy #ITSecurity #Cybersecurity #AccountSecurity

What is Password Policy? | How a Strong Password Policy Protects Your Data? Learn about the best practices for creating secure passwords, the importance of password expiration, multi-factor authentication, and more. Stay ahead of cyber threats by implementing an effective password policy today! Watch Here: https://lnkd.in/euZGXVMW #PasswordPolicy #InfosecTrain #Cybersecurity #StrongPasswords #AccountSecurity #PasswordManagement

Over 1 Billion People's Data Exposed! Should You Be Worried? This is the story that a massive data breach has been compiled from various leaks, potentially affecting BILLIONS this "Compilation of Many Breaches" (COMB) exposes sensitive details like phone numbers, addresses, and even ID numbers. Why is this a big deal? The more complete the data on individuals the better picture attackers can build of employees and individuals online identities. Increasing the risk of identity theft and targeted attacks. Here are some steps to take: 1️⃣ Change your passwords regularly (use a strong password manager!) 2️⃣ Enable two-factor authentication (2FA) wherever possible 3️⃣ Monitor your accounts for suspicious activity If you are worried, lookup Have I Been Pwned https://lnkd.in/eJJADDEs or https://lnkd.in/erR29TPx #CyberSecurity #Cyber #DataBreach

And so does the RockYou list grow again. It grew by about 2 billion unique passwords in less than 2 years. 10 billion leaked passwords, this monstrosity of a text file, is helping hackers with automated dictionary attacks. Don't get me wrong, dictionaries of this size are hard to manage and it takes days to get through this list of known passwords. However, in my opinion, the point of this list is not really that someone has been able to compile it, but rather that everyone should rethink their password hygiene. If you use password managers with strong generator and unique password for every account, you will not fear this list. Traditional passwords should be dead after seeing the RockYou file. https://lnkd.in/gi46yxAJ

300DaysCyberSec: CyberSecurity Update-#day214 🗓 Date-:11/9/2024 User ID Controlled by Request Parameter with Data Leakage in Redirect 🚨 We’ve identified a critical vulnerability related to user ID parameters in redirects. Here’s how it works: 1. Log in using the supplied credentials and access your account page. 2. Send the request to Burp Repeater. 3. Change the "id" parameter to another user (e.g., `carlos`). 4. Observe the response: Although you’re redirected to the home page, the response body contains the API key for the user you’ve impersonated. ⚠️ Impact: This data leakage can lead to unauthorized access to sensitive information, including API keys. 🔒 Mitigation: Ensure proper validation and handling of user ID parameters in redirects to prevent such data breaches. Stay vigilant and prioritize security to safeguard sensitive information! 💪🔐 #CyberSecurity #DataLeak #SecurityVulnerability #InfoSec #EthicalHacking #BugBounty

Wrapping up Cybersecurity Awareness Month with episode 5 of Building Cybersafe Communities. Just because October is ending, doesn't mean we can lower our guard. Stay diligent. https://lnkd.in/gg7nS6v6