Search results for tag #cybersecurity
![[?]](https://media2.ai6yr.org/accounts/avatars/109/321/592/360/914/018/original/f918064fa4350d36.jpg)
Random advice: Pegging an IT employee's performance review to the number/volume of IT or cybersecurity incidents filed/resolved will backfire, one way or another. #cybersecurity
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/113/419/993/741/057/192/original/d76a60b51a4bc03a.png)
This dumb password rule is from Targobank.
Your password must:
- must not be your username
- must at least eight characters
- must contain at least one number character
- must contain at least one uppercase character and 1 lowercase character
- must not contain spaces
- must not contain three identical characters in a row
- must not conta...
https://dumbpasswordrules.com/sites/targobank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://files.mastodon.social/accounts/avatars/110/656/272/811/063/860/original/5b4be034c236d08d.png)
Supermicro server motherboards can be infected with unremovable malware
#SupplyChainSecurity #HardwareSecurity #ITSecurity #CyberThreats #Cybersecurity
![[?]](https://files.mastodon.social/accounts/avatars/108/165/053/108/220/032/original/6e756e7c269ed2b0.png)
JLR shutdown extended again as ministers meet suppliers
Jaguar Land Rover has been unable to produce cars since a cyberattack at the end of August and its factories will remain suspended until next month at the earliest.
#Jaguar #LandRover #cyberattack #security #cybersecurity #hackers #hacking #hacked #automotive #auto #cars
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/246/172/390/423/290/original/b8c672f4634d54c6.jpeg)
I wrote an article about what I wish juniors in cybersecurity would ask for and contribute when asking for a mentor and career guidance, in light of the terrible tech jobs market.
https://tisiphone.net/2025/09/24/reasonable-expectations-for-cybersecurity-mentees/
#Cybersecurity #Infosec #MentoringMonday #Mentoring #CybersecurityCareers
This dumb password rule is from Anthem.com.
* Use 8-20 characters.
* Use 1 letter and 1 number.
* $ ! @ * ? | also allowed.
* Don't use spaces.
* Don't use the same character three times in a row.
* Don't use part of the username.
https://dumbpasswordrules.com/sites/anthem-com/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Dwr Cymru (Welsh Water).
Limits password length to a maximum of 16 characters
https://dumbpasswordrules.com/sites/dwr-cymru-welsh-water/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://s3.masto.ai/accounts/avatars/109/303/982/217/898/173/original/84b53833e9214e09.png)
Anthony J. Ferrante, the global head of the #cybersecurity practice at FTI, an international consulting firm, said the operation appeared to be sophisticated & costly.
“My instinct is this is #espionage,” said Ferrante, who previously served in top cybersecurity positions at the White House & the FBI.
In addition to jamming the cellular network, he said, such a large amount of equipment near the #UN could be used for #eavesdropping.
James A. Lewis, a #cybersecurity researcher at the Center for European Policy Analysis in Washington, said that only a handful of countries could pull off such an operation, including #Russia, #China & #Israel.
“This is an ongoing investigation, but there’s absolutely no reason to believe we won’t find more of these devices in other cities,” Mr. McCool [great spy name] said.
This dumb password rule is from MetLife.
Max length of 20 characters, no special characters allowed.
Pasting into the second password field is disabled even with
the Chrome extension Don't Fuck With Paste.
https://dumbpasswordrules.com/sites/metlife/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://cdn.fosstodon.org/accounts/avatars/111/317/777/528/519/611/original/cd7b729340e901c9.png)
Fosstodon, I summon thee!
I've set up Miniflux, and I need some good, reliable RSS feeds for FOSS news, technology in general, cybersecurity and gaming.
And I don't want feeds that puke out a hundred posts a day, just to put SOMETHING out there. A single, meaningful and entertainig post a day or even every couple of days is completly acceptable, and even preferred.
@mike can you recommend something good?
#rss #news #feeds #fosstodon #help #foss #opensource #technology #gaming #cybersecurity
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/292/500/061/711/468/original/8e5dc5b94a214b4b.jpeg)
Zensec has a good article on the Akira ransomware group's tactics taken directly from their DFIR experience on 16+ incidents. A few key take-aways:
- Initial Access: Please, please please patch your Internet-facing VPN and firewall devices including your Sonicwall, Cisco ASA and Watchguard devices.
- Patch our Veeam software. They used vulnerable Veeam installs to perform privilege escalation
- Block access to Anydesk.com and remotedesktop.google.com if you don't use those services
#cybersecurity #ransomware
https://zensec.co.uk/blog/unmasking-akira-the-ransomware-tactics-you-cant-afford-to-ignore/
![[?]](https://media.mstdn.social/accounts/avatars/108/197/771/273/091/445/original/bdefc5a60900fd19.png)
Any good, fairly priced, online based conferences around cybersecurity or secure app engineering coming up?
I don't have the means to travel at the moment, and too many responsibilities at home to make travelling outside of SW England, for more than a day, a bit of an issue.
This dumb password rule is from Saturn.
Passwords need to be between 8 and 15 characters.
https://dumbpasswordrules.com/sites/saturn/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Ticketmaster.de.
Your password length is limited between 8 and 32 characters.
https://dumbpasswordrules.com/sites/ticketmaster-de/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Discovery Benefits.
Requires at least one symbol, but must be one of `! @ # $ % & * ?`, and also
has an unstated max length of 20 characters.
https://dumbpasswordrules.com/sites/discovery-benefits/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Ameli.fr (French national health insurance).
This was very painful to find a password that works with this one and that I can actually remember (I ended-up using my bank-account number because everything else failed). It took me maybe one hour and I thought I would become crazy (and yes, the session expires frequently while you are actually...
https://dumbpasswordrules.com/sites/ameli-fr-french-national-health-insurance/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://cdn.fosstodon.org/accounts/avatars/109/509/696/036/420/221/original/31c9279d50e4d51c.jpg)
complyctl is a powerful command-line utility implementing the principles of “ComplianceAsCode” (CaC) with high scalability and adaptability for security compliance!
#complyctl #security #infosec #cybersecurity #Fedora #Linux #OpenSource
This dumb password rule is from LCL.
You have to enter your 6-digit password using this Frenchy keypad.
https://dumbpasswordrules.com/sites/lcl/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Canadian Imperial Bank of Commerce.
Letters and numbers only, no symbols. Also an undocumented maximum of 12 characters!
https://dumbpasswordrules.com/sites/canadian-imperial-bank-of-commerce/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from NetBank (Commonwealth Bank of Australia).
When resetting your NetBank password, the website only informs you that you can create an alphanumeric password, despite the fact that you can use special characters.
And also, it's password strength calculation is shit.
An 155 bits of entropy password is "weak."
Additionally, passwords are case-...
https://dumbpasswordrules.com/sites/netbank-commonwealth-bank-of-australia/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Oracle.
*Should not* or *must not*? RFC 2119 may want a word with you.
https://dumbpasswordrules.com/sites/oracle/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Craigslist.
No minimum character limit meaning you can go as low as 5 characters for a password
https://dumbpasswordrules.com/sites/craigslist/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Nevada DMV.
- Password length must be exactly 8 characters in length
- Password must contain at least one letter (any position)
- Password must contain at least one number (any position)
- Password must contain one of the following special characters: @ # $
- Password is not case sensitive
https://dumbpasswordrules.com/sites/nevada-dmv/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.muenchen.social/media.muenchen.social/accounts/avatars/109/296/614/164/440/401/original/16a5344f51c1600c.png)
“Das ist aber eine gefährlich aussehende Kette, die du da trägst!” - “Jo, ist eine Supply Chain.”
#cybersecurity
This dumb password rule is from Tanishq.
Password must contain:
- 6 to 16 characters.
- At least one special character (@, #, $, %, * and & only).
- At least one alphabet.
- At least one number.
https://dumbpasswordrules.com/sites/tanishq/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/110/560/511/618/170/134/original/4f33ba36608d1311.png)
Wired: A DHS Data Hub Exposed Sensitive Intel to Thousands of Unauthorized Users https://www.wired.com/story/a-dhs-data-hub-exposed-sensitive-intel-to-thousands-of-unauthorized-users/ @WIRED @agreenberg #cybersecurity #infosec
This dumb password rule is from My Prepaid Center.
Only six legal special characters; maximum password length is 20 characters.
https://dumbpasswordrules.com/sites/my-prepaid-center/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Itaú Bank.
I know, it's in spanish, let me translate this monstrosity for you.
- Allowed characters: letters A to Z uppercase or lowercase (ñ is not allowed), number 0 to 9, #, $, %, &, +, -, . :, ;, _.
- You must use 8 characters.
- The password must contain at least one letter and at least one number.
- ...
https://dumbpasswordrules.com/sites/itau-bank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
"...confirmed a data breach affecting customers of its luxury brands Gucci, Balenciaga, Alexander McQueen, Yves Saint Lauren, and others, on Monday.
Hackers stole sensitive customer data such as names, email addresses, phone numbers, home addresses, and the total amount of money they spent in stores all over the world...."
This dumb password rule is from Banco Nacional (Costa Rica National Bank).
Between 8 and 16 characters.
Must have 4 numbers and 4 letters.
Must not contain same letter or number in consecutive order.
Can't contain vowel letters neither the letter Ñ.
Password can't be the same as the previous 6 used.
https://dumbpasswordrules.com/sites/banco-nacional-costa-rica-national-bank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
Email: "Our tracking shows you have not been opening our newsletters... so we are going to unsubscribe you.."
Me: "NO, you nitwits, I have an ad blocker on and I'm blocking your tracking pixels..."
(Actually: was not actually signed up for any of their emails yet, valid news source I have a subscription too but hadn't gotten that far. 🤔 )
This dumb password rule is from Taiwan Pingtung University.
Password must:
- Be between 8 ~ 15 characters long.
- Exceeding 15 will result in an account lockout instead of
erroring on submit. Otherwise, the max character
length should be 20.
- Contains at least 1 number character
- Contains at least 1 lowercase character
- Contains at least 1 uppercase ...
https://dumbpasswordrules.com/sites/taiwan-pingtung-university/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from CenturyLink Residential.
Your password is too long. But how long can it be? Oh, we won't tell you.
https://dumbpasswordrules.com/sites/centurylink-residential/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from GoDaddy SFTP.
Max 14 characters for the most important password in your shared hosting environment.
https://dumbpasswordrules.com/sites/godaddy-sftp/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://cdn.fosstodon.org/accounts/avatars/106/304/718/945/522/344/original/7382ae4ca53372f8.jpg)
University of Pennsylvania increases the minimum password length from 8 to 16 characters.
This dumb password rule is from Air France.
- Between 8 to 12 characters
- Should contain capital, lowercase letters and numbers
https://dumbpasswordrules.com/sites/air-france/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from GoFundMe.
- At least one uppercase and one lowercase letter
- At least one number and one special symbol
- Does not specify which characters are considered special symbols; did not recognize spaces as special symbols
https://dumbpasswordrules.com/sites/gofundme/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from ING Romania's Internet Banking Portal.
No more, no less than 5 digits. This is the password you use to log in and to confirm
online transactions. They used to have "normal" passwords and they forced everybody to
change to the 5 digits versions. They said they've made it "so it's easier for you" and it's
OK, because everybody has 2FA.
https://dumbpasswordrules.com/sites/ing-romanias-internet-banking-portal/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from NetBank (Commonwealth Bank of Australia).
When resetting your NetBank password, the website only informs you that you can create an alphanumeric password, despite the fact that you can use special characters.
And also, it's password strength calculation is shit.
An 155 bits of entropy password is "weak."
Additionally, passwords are case-...
https://dumbpasswordrules.com/sites/netbank-commonwealth-bank-of-australia/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://cdn.masto.host/socialxk7net/accounts/avatars/114/400/335/438/559/090/original/5b4a68b4c114f662.png)
A 7 year old (yes really) has been referred to the National Crime Agency's Cyber Choices programme to understand the consequences of their actions.
I hope the Head of IT at the school / local authority / trust has also been referred to a similar programme for Cyber Security training, because if a 7 year old can hack your systems then they must be wide open.