Saturday, July 25, 2020

The Twitter Hack: What We Should Really Be Worried About


Of course it was a surprise to log onto Twitter two weeks ago to find that over a hundred accounts had been hijacked, but sadly, hacking is so commonplace today--even of large companies that hold vast quantities of personal information--that it's only somewhat interesting.

Most people kept tweeting, with only cursory reminders and jokes about passwords and password managers. And after the hack was brought under control, activity returned mostly back to normal.

Twitter's statement indicates the hacker got access to the tools used to access the accounts that were hacked via a social engineering scam that involved employees. Apparently, over 1,000 employees at Twitter had access to these tools. There are several facts still in question. 

One is why over a thousand employees had access to tools that allow such control over the company's user-facing system, and whether their use of these tools is audited, as is common practice. 

A second is how the alleged social engineering took place. 

 But that's not the point.

Friday, July 24, 2020

KeyReel's Monthly 5-Plus-One Story Roundup


Five items of interest within the past 30 days about safety, privacy, and technology that you should see. Plus one of our own

  1. Stealthbits with Troy Hunt: The History of Passwords Presentation by Troy Hunt. Security isn't about the lock itself. It's about the Mindset employed by the person trying to get in.

  2. Before You Use A Password Manager Part I of a two-part series by Stuart Schechter. Consider the strengths and weaknesses of any password manager. Using it irresponsibly could be your downfall.
  3. Before You Turn On Two-Factor Authentification Part II of a two-part series by Stuart Schechter. Read on if you've decided on a password manager and you're wondering whether 2FA is worth the headache. 

  4. Why Is 3sYqo15hiL Such A Popular Password? Hey, you must know at least one person who uses it. 

  5. Secrets, lies and Snowden's email: why I was forced to shut down Lavabit How Edward Snowden's private email provider learned the reality of privacy in the US.

Monday, July 6, 2020

4 Ways Hackers Steal Data And How To Protect Yours

Old joke: The average user types the correct password after the fifth attempt, but an average hacker picks it up from the third. Yeah, we don't think it's funny, either.

Everyone wants to avoid hacking because of the devastation identity theft can cause. But the truth is, unless you're multi-millionaire, you are unlikely to become an isolated target of a cyber attack. Still, no one can resist low-hanging fruit. If your accounts are vulnerable, they're likely to be hacked simply because it was too easy not to.