Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Trustwave’s Best Practices for Protecting Against Mother of all Data Breaches

The discovery of what has been dubbed the Mother of all Data Breaches (MOAB), reportedly containing 12TB or 26 billion records representing 3,800 separate data breaches, should remind everyone of the need to maintain strong passwords and change default credentials.

The hoard contained user data from some of the world's best known brands, including Twitter (now X), LinkedIn, Zynga, and Adobe, along with records of various government organizations in the US, Brazil, Germany, Philippines, and Turkey, according to CyberNews. It's not known who or what group collected the data, but it's believed to be comprised of a combination of previously and newly stolen records.

Despite likely containing a great deal of older information, MOAB presents a massive threat to the general public and the breached organizations. This threat exists primarily because too many individuals not only never change their passwords but often reuse them across multiple accounts.

At the same time, MOAB’s revelation is an excellent reminder to organizations of the importance of changing admin credentials on devices within their networks.

 

Devising Strong Passwords isn't Difficult 

Sure, going into an account and altering a password can be a bit time-consuming, but coming up with an effective, easy-to-remember password is simple. To make the task even easier, here are some top tips from the elite Trustwave SpiderLabs team to ensure their organization has a strong password security posture:

  1. Add Complexity to Your Passwords
    Length does matter. Passwords with eight characters can be cracked within a day using brute-force techniques. Opt for a minimum of 10 characters for increased security. Mix it up by incorporating symbols, numbers, and a combination of uppercase and lowercase letters to make your password more resilient against hacking attempts.
  1. Embrace Passphrases
    Easy to Remember, Hard to Crack: Utilize phrases that are memorable to you but challenging for others to guess. For instance, "GoodLuckGuessingThisPassword" provides both strength and memorability.
  1. Regularly Change Your Passwords
    Doing so helps one stay ahead of threats. It's a solid practice to change passwords every 60 to 90 days, especially for sensitive accounts. Avoid using the same password across multiple platforms to mitigate risks.
  1. Salt and Hash for Added Security
    IT administrators should use unique, random "salts" when "hashing" stored passwords. This involves combining a piece of random data with each password before calculating the hash.
  1. Implement Strong Password Policies
    An organization's password policies should consider contextual elements, such as company identifiers, products, or local references. Tailor policies to enhance security without sacrificing usability.
  1. Conduct Password Audits
    Identify weak links by regularly auditing staff passwords to pinpoint vulnerabilities within your organization. Threat actors often target non-tech-savvy users, making it crucial to address potential soft spots.
  1. Explore Two-Factor Authentication (2FA)
    MFA effectively creates a double layer of defense. Supplement passwords with 2FA to add an extra layer of verification. If a password is compromised, the second factor acts as a formidable defense.

 

Unchanged Admin Credentials are an Unlocked Door

One of the easiest paths into an organization is through an Internet of Things (IoT) or connected device that retains the admin credentials set at the factory. These credentials are often well-known and available to threat actors via the dark web.

While the MOAB data dump may or may not contain such credentials, the possibility certainly exists and is a good reminder that there are other methods threat actors use to gain credentials.

Let's take a quick refresher course:

  • Phishing attacks typically involve sending an email or message that appears to be from a legitimate source. The email requests the user enter their login credentials into a site the threat group controls thus giving them the credentials or open what is likely a malicious attachment that could host credential stealing malware.

To protect against phishing attacks, always be cautious of emails or messages that ask you to open attachments, follow web links, or enter your login credentials.

  • Social engineering involves using psychological manipulation to trick users into divulging sensitive information. A cybercriminal may call a user and pretend to be from IT. They will ask for a screen share and use the access to install keylogging software or other malware designed to harvest credentials.

To protect yourself from social engineering attacks, you should always be cautious of requests for sensitive information, particularly if they are unsolicited. It would be best if you were also wary of any request to gain access to your computer without verifying the request through authorized channels.

  • Credential Stuffing is a type of cyberattack where attackers use a large database of compromised login credentials, such as the MOAB cache, containing usernames and passwords. The technique involves the automated input of these credentials into login pages to gain access to a user's account. This technique is made possible by the widespread use of weak or reused passwords across multiple online accounts.
  • A brute force attack tries to crack a password by guessing every possible combination until it finds the correct one. To prevent brute force attacks, users should ensure that their passwords are strong and complex, with a mix of uppercase and lowercase letters, numbers, and special characters. Organizations should also implement policies that require regular password changes and limit the number of failed login attempts.

 

How Trustwave Can Help

Organizations that lack the in-house ability to handle these tasks required to maintain security should consider partnering with a company with such expertise. A Managed Security Service (MSS) provider like Trustwave, with our Managed Detection and Response (MDR) solution, may provide the answer. 

Without the right expertise, organizations won't get the value out of these technologies that they desire. Likewise, a traditionally managed security service provider (MSSP) that focuses on monitoring logs and alerts is missing a large part of the picture and can generate many false positives and low-value work for their customers.

 

Screenshot 2024-01-24 at 18.23.25

Click the Consulting and Professional Services image to get started down the path to great cybersecurity.

Latest Trustwave Blogs

Comparably Honors Trustwave with Leadership and Career Growth Awards

Comparably, the leading workplace culture and compensation monitoring employee review platform has recognized Trustwave with two major awards: 2024 Best Companies for Career Growth and 2024 Best...

Read More

Why Removing Phishing Emails from Inboxes is Crucial for Healthcare Security

The adage "data is the new oil" doesn't resonate with everyone. Personally, having grown up around cars thanks to my dad, a master mechanic, I see oil as messy and cumbersome. Data, in my view, is...

Read More

How Deepfakes May Impact Upcoming Elections Worldwide

The common fear regarding election interference is that a threat actor will gain access to either ballot machines or the networks that tally votes. However, there is a much easier method a person...

Read More