I'm pretty sure the Rockyou2024.txt file doesn't have 10 billion passwords in it. In fact, after poking around at this monster 145GB text file for a few hours, I didn't come across a single thing that looked like a password. The original Rockyou.txt leak was 133MB of plaintext passwords, one password per line. This file had nearly a gigabyte of unprintable characters alone. I share more details and some screenshots in this Mastodon thread, here: https://lnkd.in/enC6v6gd
Security Weekly Productions’ Post
More Relevant Posts
-
Hear from expert Tim Ball, CISO for NGO-ISAC, on his experiences in the industry and how he advises his members on finding the right tool. Especially when it comes to making sure the tool isn’t a ‘shiny object’ purchase but actually addressing your organization's underlying issues and bringing value! Bonus, let’s talk about election security! https://bit.ly/3ZUwq4L Segment Resources: https://www.ngoisac.org/ Show Notes: https://lnkd.in/erdZ_Hyq Jessica Hoffman, CISSP
✂️ Tool Selection
-
We've been hearing a lot lately about how the talent gap in cybersecurity is much more complex than some folks have been making it out to be. While making six figures after going through a six-week boot camp might be overselling the cybersecurity job market a bit, it is definitely a complex space with lots of opportunities. Fortunately, we have folks building passion projects like My Cyber Path. When Jason Shockey transitioned into #cybersecurity from the military, he took note of the path he took. He also noticed how different the path was for many of his peers. Inspired by NIST NICE and other programs designed to help folks get a start in cyber, he created My Cyber Path. My Cyber Path has a very organized approach. There are 12 paths outlined, which fall into 4 main areas. After taking a personality test, this tool suggests the best paths for you. Hmmm, this sounds a lot like the sorting hat in Harry Potter, and there are 4 "houses" you could get put into... coincidence? https://bit.ly/3ZPfPzb
✂️ Good Example
-
The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticing, but deployments require major architectural, hardware, and software changes to be successful. Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss how their Zero Trust Endpoint Protection Platform can start to help you attain #ZeroTrust from your endpoints by:
- Blocking Untrusted Software
- Ringfencing™ Applications, and
- Dynamically Controlling Network Traffic
https://bit.ly/3BGQD3G
✂️ Zero Trust
-
C3pbot, Kaspersky, Octo2 Electric Boogaloo, Honkai: Star Rail, ServiceNow, LinkedIn, IoT, Josh Marpet, and more on the Cyber Security News. https://bit.ly/3XO4htk
✂️ Cyber Insurance
-
APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational damage. In this discussion, David Holmes offers insights into the latest trends in #API and bot attacks and provides strategies to defend against these threats. #appsec #cybersecurity https://bit.ly/4eTsntp Segment Resources: The Economic Impact of API and Bot Attacks: https://lnkd.in/ebwuwtpJ... The True Cost of API Insecurity and Bot Attacks in 2024: https://lnkd.in/ebwuwtpJ... This segment is sponsored by Imperva. Visit https://lnkd.in/eCztS_sr to learn more about them! Visit https://lnkd.in/eZrfEBJY for all the latest episodes! Show Notes: https://lnkd.in/eSn4URpu
✂️ API
-
Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker, and More on the Security Weekly News. https://bit.ly/3zKuJfw This segment is sponsored by ThreatLocker. Visit https://lnkd.in/eMvABg2 to learn more about them! Visit https://lnkd.in/eUwRwbwF for all the latest episodes! Show Notes: https://lnkd.in/eJchh7Rx
✂️ Salt Typhoon
-
Kayla Williams, #CISO at Devo, discussed the role of #AI in #cybersecurity and the ongoing issue of burnout for #SOC analysts. Working with Wakefield Research, Devo discovered that 83% of IT professionals feel burnt out due to stress, lack of sleep, and anxiety. Many also report that their burnout leads to breaches. https://bit.ly/4dFCBg6 This segment is sponsored by Devo. Visit https://lnkd.in/ePCERNJW to learn more about them! Segment Resources: SOC Analyst Appreciation Day: https://lnkd.in/g-pNjjdv Visit https://lnkd.in/e5M6R3hc for all the latest episodes! Show Notes: https://lnkd.in/eqh2htQi
✂️ Burnout
-
Let’s talk about how regardless of your organization's data footprint being in the cloud or on prem, or if you’re a billion-dollar organization or smaller, if the adversaries want in, they will find a way. Don’t fall victim because of bad cyber hygiene but instead work your experiences, your leadership, and train your people to limit exposure. Hear from Incident Response expert, Levone Campbell, on the lessons he learned in being proactive and reactive to some of the largest incidents in history. https://bit.ly/3TMLLjI This segment is sponsored by Semperis. To combat today's cyber attacks, enterprises like yours need a way to see the whole picture beyond silos and secure their entire hybrid AD environment. Now you can — with Semperis. Visit https://lnkd.in/egwMV3Hc Show Notes: https://lnkd.in/ev8MnqEf Jessica Hoffman, CISSP
✂️ Incident Response
-
In this episode with Whitney Young, we explore some compelling reasons for transitioning from traditional SOAR tools to next-generation SOAR platforms. Discover how workflow automation and orchestration offer unparalleled speed and flexibility, allowing organizations to stay ahead of evolving security threats. We also delve into how advancements in AI are driving this shift, making new platforms more adaptable and responsive to current market demands. https://bit.ly/3zxspsb
Segment Resources:
- Learn more about using Tines for Security: https://lnkd.in/ePh2dqMX
- Peruse the Tines library of 'Stories' built by Tines partners and customers: https://lnkd.in/e-qUn7YU
- Learn how to integrate AI tooling into Tines stories and workflows: https://lnkd.in/eAyNrghg
This segment is sponsored by Tines. Visit https://lnkd.in/eYGKDhr2 to learn more about them! Visit https://lnkd.in/eFKJWwZV for all the latest episodes! Show Notes: https://lnkd.in/eEE7NpSM
✂️ Case for Migrating
-
A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days. I've been on the fence when it comes to phishing simulation, partly because I used to phish people as a penetration tester. It always succeeded, and always would succeed, as long as it's part of someone's job to open emails and read them. Did that make phishing simulation a Sisyphean task? Was there any value in making some of the employees more 'phishing resistant'? And who is in charge of these simulations? Who looks at a fake end-of-quarter bonus email and says, "yeah, that's cool, send that out." https://bit.ly/3XYzHP4
Segment Resources:
- Phishing in Organizations: Findings from a Large-Scale and Long-Term Study: https://lnkd.in/ea-jdd6t
- The GoDaddy Phishing Awareness Test: https://lnkd.in/eDBcjraK...
- The Chicago Tribune - How a Phishing Awareness Test Went Very Wrong: https://lnkd.in/e8nvZ5sv...
- University of California Santa Cruz - This uni thought it would be a good idea to do a phishing test with a fake Ebola scare: https://lnkd.in/eiRVGWHS...
Visit https://lnkd.in/eFKJWwZV for all the latest episodes! Show Notes: https://lnkd.in/eEE7NpSM
✂️ Phish