Your passwords are the gateway to your files, money, and identity, so it’s no surprise that hackers are constantly trying to steal them. Most cybercriminals will use malware to do the trick, but they also have other means at their disposal. Google’s year-long security investigation provides the details.
A password policy designed for federal agencies must be secure, right? Surprisingly, that hasn’t been the case according to the National Institute of Standards and Technology (NIST). On the hook for the password best practices that we still use today — the combination of letters, capitalizations, and numbers — NIST admits that the existing guidelines were misguided.
With the popularity of Office 365, hackers are trying to find new ways to exploit its users, and they’ve come up with a new idea: a credential-harvesting campaign that uses personalized spear-phishing mails as a tool. If you’re an Office 365 user and don’t want your account compromised, read on.