Most common passwords of 2012

Here are the most common passwords of 2012. If you use one of these you should feel a little guilty (and very worried about the security of your data), and immediately change your password. Note: Adding “1” at the end of your password doesn’t fool anyone.

The passwords, with each one’s change in rank from 2011:

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

http://www.prweb.com/releases/2012/10/prweb10046001.htm
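A site can refuse these passwords at signup, including the "add a 1" variants mentioned above. The following is an added example, not code from the linked release; the function name `match_common` is hypothetical and the sample inputs are constructed.

```python
# Added example: denylist check against the 25 passwords listed on this page.
COMMON_2012 = frozenset(
    "password 123456 12345678 abc123 qwerty monkey letmein dragon 111111 "
    "baseball iloveyou trustno1 1234567 sunshine master 123123 welcome "
    "shadow ashley football jesus michael ninja mustang password1".split()
)

def match_common(password):
    """Return the listed password this one reduces to, or None.

    Case is folded, then trailing digits/symbols are peeled off one at a
    time, so "Monkey1" and "dragon2012!" are caught as well as "monkey".
    """
    form = password.lower()
    while form:
        if form in COMMON_2012:
            return form
        if form[-1].isalpha():
            return None          # tail is a letter: nothing left to peel
        form = form[:-1]         # drop one trailing digit or symbol, retry
    return None

if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real account.
    for candidate in ["Password1", "Monkey1", "dragon2012!", "123456789",
                      "trustno1", "correct horse battery staple"]:
        hit = match_common(candidate)
        verdict = "REJECT, matches " + hit if hit else "not on the 2012 list"
        print(f"{candidate!r:32} -> {verdict}")
```
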


Small business security breach infographic

Here’s an interesting infographic showing statistics on small business security breaches. The majority of security breaches last year were in companies with fewer than 100 employees. Naturally, a large number of small businesses think they’re too small to be targeted by attackers.

http://25.media.tumblr.com/tumblr_m6p4vvgOJl1qhmvhmo1_1280.png?sf5498053=1


Yahoo accounts hacked, change your password.

Details are thin since this was just announced, but 450,000 Yahoo accounts have had their passwords revealed. If you have a Yahoo account you’ll want to change your password immediately.

http://arstechnica.com/security/2012/07/yahoo-service-hacked/


FBI warns of malware installed via hotel Internet connections

If you’re traveling abroad, be extra careful when it comes to surfing the web, clicking on pop-up windows, and installing software updates. The FBI has found that laptops using hotel Internet connections are being infected with malware that masquerades as legitimate software updates. Reading between the lines, it sounds like foreign agencies are specifically targeting hotel networks where US citizens are known to stay, giving them a higher rate of infection of US targets versus other locations. Be sure to update your computer before you leave for a trip, and verify any updates you install while abroad.

http://www.ic3.gov/media/2012/120508.aspx


600,000 Macs infected with Flashback botnet

It’s estimated that 600,000 Macs are infected with the Flashback botnet, evidence that OS X is becoming a more popular target for attackers. Be sure to apply the OS X Java update that came out recently, and use a virus scanner for a little extra protection.

http://news.cnet.com/8301-1009_3-57409619-83/more-than-600000-macs-infected-with-flashback-botnet/


Public Key Cryptography explained simply with paint

Have you ever wondered how sensitive data is exchanged over the Internet and kept secret from prying eyes? Here’s a great explanation of Public Key Cryptography using paint.

http://www.youtube.com/watch?v=3QnD2c4Xovk

Check out the rest of his videos; there’s more interesting security-related material.

http://www.youtube.com/user/ArtOfTheProblem

Your password is a lot weaker than you think

Today I was looking for a password strength calculator to estimate how long it would take to break your typical 8-character “strong” password, which most people say would take years to break. After I found a decent one, I realized most of them are based on the speed of the CPUs found in your average computer. However, thanks to advances in password cracking utilities, you can now use the GPUs found in graphics cards, which are much faster than CPUs. An 8-character password that would take a year to crack with a computer’s CPU only takes 19 hours with the GPU in a graphics card. When people tell you your data is safe because you have a strong password, think again.

How can you protect yourself? The two most popular options these days are a longer password (think 32 characters) or two-factor authentication. A longer password is the easiest option: just use a sentence for a password instead of a single word. Two-factor authentication typically isn’t easy to set up and is aimed at larger businesses, but Google, Facebook, and a number of banks now support two-factor authentication for clients. If you have the option for two-factor authentication, I definitely recommend enabling it.

http://hackaday.com/2011/06/01/gpu-password-cracking-made-easy/

http://www.zdnet.com/blog/hardware/cheap-gpus-are-rendering-strong-passwords-useless/13125
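To put the "longer password" advice in numbers, this added example (not from the linked articles) takes the post's two figures, a year on a CPU versus 19 hours on a GPU, and works out how many extra characters cancel that speedup. It assumes exhaustive search over uniformly random characters from a fixed alphabet; the function names and alphabet sizes are illustrative.

```python
# Added example: scale the post's CPU/GPU figures to other password lengths.
CPU_HOURS = 365 * 24   # post: "a year to crack with a computer's CPU"
GPU_HOURS = 19         # post: "only takes 19 hours with the GPU"
BASE_LENGTH = 8        # both figures are for an 8-character password
PRINTABLE_ASCII = 95   # assumption: characters drawn at random from this set

def gpu_speedup():
    """Speedup factor implied by the post's two timings."""
    return CPU_HOURS / GPU_HOURS

def extra_chars_to_offset(speedup, alphabet_size):
    """Fewest extra random characters that grow the keyspace by >= speedup."""
    extra = 0
    while alphabet_size ** extra < speedup:
        extra += 1
    return extra

def gpu_hours(length, alphabet_size=PRINTABLE_ASCII):
    """Exhaustive-search time on the same GPU, scaled from the 19-hour figure."""
    return GPU_HOURS * alphabet_size ** (length - BASE_LENGTH)

if __name__ == "__main__":
    s = gpu_speedup()
    print(f"GPU speedup implied by the post: about {s:.0f}x")
    for name, size in [("digits", 10), ("lowercase", 26), ("printable ASCII", 95)]:
        print(f"  {name:16} needs +{extra_chars_to_offset(s, size)} chars to cancel it")
    for length in (8, 10, 12, 16):
        years = gpu_hours(length) / CPU_HOURS
        print(f"  length {length:2}: {years:.3g} years of exhaustive search")
```

Each added random character multiplies the search time by the alphabet size, so two or three extra characters absorb the GPU speedup; a sentence used as a password is not random per character, so it gains less per character than this model shows.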


Bank funds stolen via electronic transfer. Protect the computer you use for online banking.

$19,000 was stolen recently from a bank in New Jersey via electronic transfer. These incidents occur more often than you’d think, and affect both businesses and individuals. The end of the article talks about measures they’re taking to prevent this in the future, mainly using a dedicated computer for banking that isn’t used for web surfing, email, file transfers, or anything other than banking. A few years ago people would have laughed at air-gapping a system like the Department of Defense does, but it’s becoming a more popular way to protect ultra-sensitive data. I’ve recommended similar solutions (including virtual machines) in situations where the cost of stolen data or computer downtime greatly outweighs the inconvenience or price of the solution.

http://www.nj.com/salem/index.ssf/2012/01/computer_hackers_tap_into_sale.html


Teenagers share passwords as a sign of affection, and an infographic on passwords

Here’s an interesting article from the New York Times showing that the future of our workforce (the Millennial generation) views sharing passwords as a sign of affection. Here’s hoping that changes as they grow up, both for their sake and for the companies they work for.

http://www.nytimes.com/2012/01/18/us/teenagers-sharing-passwords-as-show-of-affection.html

On a similar note, this is a nice infographic with tips on creating and keeping strong passwords, and some interesting password statistics.

http://cache.gawkerassets.com/assets/images/17/2012/01/09c4f2162f6a3f9cd9f55d091f48b615.jpg


The profitability of scareware and social engineering

Here’s a good article that Wired had a while back on scareware, those ads that pop up saying you’ve been infected with a virus and you should buy their product to remove it. It’s amazing what an empire you can build by exploiting people’s trust. They’re the same tricks that have been around for thousands of years, just adapted to the Internet.

http://www.wired.com/magazine/2011/09/mf_scareware/all/1
