techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.7K
active users

#PasswordSecurity

2 posts2 participants0 posts today

Weak or compromised passwords are still one of the most common ways attackers get into an organisation’s network.
 
That’s why running password audits in Active Directory is so important. But smaller companies often don’t have the time, budget, or resources to do them regularly.
 
Our latest blog post gives you a step-by-step guide to run a proper password audit using free tools available online.
 
📌Read here: pentestpartners.com/security-b
 
Why do audits and training matter?
 
Without regular audits to spot gaps, and proper staff training on how to create strong, secure passwords, breaches can and do happen. Technical tools alone won’t stop them.
 
In most cases, the weakest part of the system isn’t the technology, it’s the people using it. That’s why it is important to train users on how to set strong passwords, which can then be audited.

New Open-Source Tool Spotlight 🚨🚨🚨

Hashcat supports over 300 optimized hashing algorithms and runs on CPUs, GPUs, and accelerators across Linux, Windows, and macOS. Five attack modes make it a versatile password recovery tool. #hashcat #passwordsecurity

🔗 Project link on #GitHub 👉 github.com/hashcat/hashcat

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

16 Billion Leaked Credentials? Don’t panic—this isn’t a new data breach.

Headlines about a “historic data breach” are making waves, but this isn’t a new breach. The story about 16 billion credentials circulating online is actually a compilation of old leaks, mostly gathered by infostealer malware and credential stuffing attacks.

However, this is a good reminder about your cybersecurity hygiene. Remember to protect yourself and your organization:

• Use strong, unique passwords for every account
• Store them securely with a reputable password manager
• Turn on two-factor authentication (2FA)—preferably with an app like Authy or Google Authenticator
• Scan your devices for malware before changing passwords if you suspect an infection

Read the article for details: bleepingcomputer.com/news/secu

🔐 Modern Password Security Threats: Protecting Your Digital Identity 🕵️‍♀️ 🛡️ 🚨

Cybercriminals use sneaky techniques to crack passwords and gain access to accounts. Here are the most common attacks:

⚒️ Brute Force – Tries every possible password
📖 Dictionary Attack – Uses common words & phrases
🌈 Rainbow Table – Cracks password hashes
👀 Shoulder Surfing – Spies on you while typing
⌨️ Keylogging – Records everything you type
🎯 Password Spraying – Tests common passwords on many accounts
🎭 Social Engineering – Tricks you into revealing passwords
🎣 Phishing – Fake emails & websites steal your login
🎟️ Credential Stuffing – Uses leaked passwords from breaches
🕵️ Man-in-the-Middle – Intercepts data over networks

🛡️ Stay Safe! Use strong, unique passwords, enable 2FA, and beware of phishing scams.

Which attack surprised you the most? Let’s discuss in the comments! ⬇️

⚠️ This content is shared strictly for educational and informational purposes only. 📚 All information is provided to help individuals and organizations better protect themselves against security threats. 🔒 The techniques discussed are presented solely to improve awareness and defensive measures, not to facilitate any unauthorized access. ✅

HIBP 2.0 (Have I Been Pwned) has launched with a redesigned interface, improved search features, and a new Breach Page that provides incident details and recovery tips.

Users can now receive breach notifications, and domain search has been enhanced. Support for usernames and phone numbers has been removed.

My personal advice: never disclose passwords online.

cybernews.com/tech/troy-hunt-l