Let’s face it — everyone pretty much hates passwords. While many industry titans are making significant and noteworthy moves to eliminate passwords and offer a passwordless future, it still seems as if passwords are not disappearing from our lives fast enough. In fact, it seems there are more passwords to keep track of than ever […]
In 2017, the National Institute of Standards and Technology (NIST) released NIST Special Publication 800-63B Digital Identity Guidelines to help organizations properly comprehend and address risk as it relates to password management on the part of end users. Nearly every year since, NIST has undertaken to update or underscore these guidelines as security experts continue […]
Assessing The Risk of Compromised Credentials to The Enterprise Businesses today face an abundance of organizational risk. These come in the form of creating the business model itself, dealing with third parties, managing vendors and partners, monitoring internal and external fiscal fraud, exercising premise security, and the like. In the 21st century, no greater risk […]
by Stan Bounev and Chris Olive When faced with the problem of data being open to all users on an early, 1960’s mainframe computer, Fernando “Corby” Corbato rather nonchalantly assigned passwords to protect user private data, and the concept of the computer password was born. Fast forward to today, and no one ever would have […]
Account Takeover (ATO) Attacks Simply Don’t Matter Account Takeover (ATO) attacks seemingly just don’t matter. That’s the conclusion a semi-informed outside observer might potentially come to based on how these pernicious attacks are being addressed by the cybersecurity community. That ATO attacks desperately need to be addressed, and addressed in the right way, goes without […]
“Baby born with two heads! Alligators found in Central Park! 773 Million Credentials Leaked! Largest Breach In History! Step right up folks, and get the latest news, exclusively right here!” And so it may as well have been last week. The sensationalized news of the Collection #1 breach touted as “one of the largest breaches […]
I am frequently asked about how VeriClouds Identity Threat Protection is any different than the free service Have I Been Pwned (HIBP). As the world’s obsession with whether they have been pwned or not became more obsessive and more compulsive, my team at VeriClouds was busy building the next generation credential monitoring and verification platform. […]
Google along with researchers from University of California recently published a research paper titled “Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials” in an effort to better understand the risks of stolen credentials posed to billions of Internet users. The research is based on a dataset of 1.9 billion of stolen credentials […]
High-profile data breaches in recent years have created a new and rapidly emerging high-risk reality that businesses must be made aware of, and which can no longer be ignored. This high-risk reality is the creation and accessibility of huge data lakes containing billions of leaked credentials for sale on the dark web that provide exact […]
HIBP (haveibeenpwned.com) is a well-known website which allows people to check if any of their online accounts have been compromised in previous data breaches. You provide an email address and it will tell you in which data breaches this email address has been found (Figure 1). Nice and easy, right? There are two major issues […]
Please enter a business email address to obtain proper delivery of the product. If you do not have a business email address or experience any issues during the registration process, please send an email to support@vericlouds.com
