Search the Community
Showing results for tags 'firms'.
Found 3 results
steven36 posted a topic in Security & Privacy NewsA little over 21 million login credentials stolen from Fortune 500 companies have been found in various places on the dark web, many of them already cracked and available in plaintext form. The information was compiled by crawling multiple resources, like markets in the Tor network, web forums, Pastebin, IRC channels, social networks, and messenger chats. Cracked passwords ahead 21,040,296 is the exact number of credentials belonging to companies ranking in the first 500 that security researchers found on the web. Most of them were from tech companies, closely followed by organizations in the financial industry. Entities in the healthcare, energy, telecommunications, retail, industrial, transport, aerospace and defense sectors are also on the list. Not all of them are fresh, though. ImmuniWeb says in a report published today that 16,055,871 of the credentials they found were compromised in the past 12 months. However, the researchers reveal a worrying statistic: "95% of the credentials contained unencrypted, or brute-forced and cracked by the attackers, plaintext passwords." Using machine learning technology, the researchers were able to determine the accuracy and reliability of the data set by cleaning it of fake leaks, duplicates and default passwords set automatically. Hilariously weak popular passwords Despite finding as many as 21 million login records, the report notes that only 4.9 million of them were unique, "suggesting that many users are using identical or similar passwords." Of course the most insecure password and variations of it are present in the data set; and they were found in data sets for companies in almost all verticals, except the financial one, where users relied on other, equally weak logins. Although it was not the most popular in all cases, "password" and its variants exist in the top five most used passwords. A simple glance at the passwords below makes it clear that companies still haven't learned how to protect access to their assets and that recommendation for using a strong password flew right past them. Even an uncomplicated phrase that does not use special symbols, numbers or upper case letters is better than any of them. According to the report, the weakest logins were from the retail industry, where almost half of the passwords were less than eight characters long and could be found in common dictionaries. However, companies in other industries are not far behind in this. Most industries in the top ten with the weakest passwords from ImmuniWeb's report have a third or more logins that could be cracked in seconds. The researchers note that about 11% of the passwords from a data breach are identical. This could be explained by the use of default passwords, bots creating accounts. A reset procedure that defined the same password for a large number of accounts is another possibility, ImmuniWeb says. Additionally, there may be a connection between the number of subdomains with a poor web security grade (C or F) and the exposed credentials as they are proportional. Ilia Kolochenko, CEO and Founder of ImmuniWeb says that cybercriminals focus on the shortest, least resistant path to get what they want. Given the login data in the report, they have no trouble getting their prize. Source
Businesses are becoming exasperated at the lack of progress in Brexit talks and are pausing or cancelling investment in the UK. Nicole Sykes, head of EU negotiations at the CBI Businesses are becoming exasperated at the lack of progress in Brexit talks and are pausing or cancelling investment in the UK. A week that many had hoped would bring progress in the talks has now come and gone without a breakthrough. Employers group the CBI says 80% of surveyed members feel Brexit uncertainty has already had a negative impact on investment decisions. On Friday, Theresa May held a conference call with 150 top bosses. She wanted to reassure them that she was still confident of striking a deal and that she recognised their concerns. The chief executive of one company on the call told the BBC the PM had "done a good job and had a reassuring tone" while another said there had been "nothing new in her message". Of the members surveyed by the CBI, 39% said they would trigger additional contingency plans if there was no further clarity by November, while a further 19% said it was already too late. Nicole Sykes, the CBI's head of EU negotiations, says the situation is urgent, pointing to concrete examples of cancelled projects: "We heard from a fashion house that wanted to set up a new factory in the UK. £50m of investment, cancelled. "But we're also talking about some small things. We heard from a Northern Ireland farmer who wanted to build a new machine to make their operations more efficient, grow competitive. Again, that's been cancelled. So we really are talking about real economic consequences." Despite the PM's attempts to calm nerves, many businesses are in the process of stepping up their preparations for leaving the EU without a deal at the end of March next year. Transportation worries Supermarket executives told the BBC they were weighing up the viability of flying in fresh food from outside the EU to avoid potential log jams at the ports like Dover. Different companies reached different conclusions. One said: "We haven't started chartering aircraft yet but we are looking at it. We are very worried about Dover so we are also looking at alternative ports like Felixstowe as an alternative." Another major supermarket executive said that air freight isn't the answer: "There simply isn't the capacity at a moment when every other industry will be trying to do the same thing." However, they felt that the problem is potentially so severe that they do not believe it will come to that. "There is no way the UK or EU would allow the UK to run out of food, but we are looking at alternative ways to transport fresh food, as stockpiling is not an option." The car industry is also very sensitive to supply chain hold-ups. Industry body the SMMT described the lack of progress in talks as hugely disappointing and said it had "grave concerns". Car makers are looking at alternative ports, increased warehousing and moving the supply of some parts outside the UK. BMW has already brought forward an annual shutdown of Mini production to coincide with the UK's departure from the EU, while Jaguar Land Rover has warned of the potential loss of tens of thousands of UK jobs. It's not just business which is pessimistic about a deal being struck in time. International Trade Secretary Liam Fox this week reiterated his prediction that a no deal scenario was more likely than not. "I've said that the chance of a no deal is 60% and I'm not changing that view," he said. He also told a gathering of business leaders this week that great opportunities in international trade await the UK outside the EU. Most of the audience that night will hope he got the first bit wrong. Source