The attack here seems to be that users self-created and used weak passwords to protect their Norton logon account that also protected their Norton password manager.”Īttackers lately have focused identity and access management systems as a target, given that one compromise can unlock a veritable treasure trove of data across high-value accounts for attackers, not to mention a bevy of enterprise pivot points for moving deeper into networks.
“Password managers create strong, perfectly random passwords that are essentially unguessable and uncrackable.
“If I understand the reported facts, the irony is that the victimized users would have probably been protected if they had used their involved password manager to create strong passwords on their Norton logon account,” he said via email. In credential-stuffing attacks, threat actors use a list of logins obtained from another source - buying cracked account info on the Dark Web, for instance - to try against new accounts, hoping that users have reused their email addresses and passwords across multiple services.Īs such, the irony of the Norton incident is not lost on Roger Grimes, data-driven defense evangelist at KnowBe4. NASDAQ:NLOK NortonLifeLock - NLOK Stock Forecast, Price & News 16.64 +0.32 (+1.96) (As of 12:00 AM ET) Compare Today's Range 16.28 16.69 50-Day Range N/A 52-Week Range 20.12 30.92 Volume 6.75 million shs Average Volume 5. Password Reuse Subverts Password Management Those “details,” of course, are the strong passwords generated for any online services the victim uses, including corporate logins, online banking, tax filing, messaging apps, e-commerce sites, and more.
0 kommentar(er)
