We just told you • The register
NordPass has released its list of the most common passwords of 2022 and, to be honest, we’re disappointed in all of you.
Unfortunately, at the top of the list of most common passwords was “password”, followed by “123456” and its more secure cousin “123456789”, “guest”, “qwerty” and many more that you can definitely figure out without the help of a cracking tool.
Seriously, few of the passwords in this list are even words: most are just repetitions of a single character, sequences of easy-to-guess numbers, a direct run down a series of keys, or simple combinations like “pass@123”.
Along with a depressingly simple list of common passwords and the time it takes to crack them (most listed as <1 second), NordPass shared some stats on what’s trending in the password world, like the word “Oscars”, which pops up in particular around awards season, as well as “Batman”, “Euphoria” and “Encanto” after the films and TV series of the same name, which were hugely popular that year.
This is hardly the first time a list of the most common passwords has been headlined by such easy-to-guess words — not even this year. Unfortunately, this means the password hygiene message is clearly not getting through to people.
Alternatively, it’s possible that many of the basic passwords on this list came from internet-connected devices whose owners haven’t changed their default passwords. Whether or not that’s the case is unknown, but if true, it could point to another issue that really needs addressing.
Coming back to human-generated passwords, NordPass has some tips for those of us who’d rather risk an easy hack than create a hard-to-guess password. You’ve probably heard these before, but they clearly need to be mentioned again.
First, make sure your password is at least 12 characters long and mixes uppercase and lowercase letters with numbers and symbols. Better yet, use a password generator.
It’s also important not to reuse passwords across accounts, which most of us are probably guilty of, as well as regularly auditing accounts to see which ones you no longer use and can close to reduce your online footprint.
Also, be sure to check your password strength regularly, which many password managers and credential-storing web browsers can do, and change passwords regularly.
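The checks behind those tips are simple enough to show in code. The following is an added example, not anything published by NordPass or The Register: it audits a candidate password against the advice above (minimum length, mixed character classes, not on a common-password list, not a repeated character, a numeric/alphabetic sequence or a run of adjacent keys) and generates a password that passes the same audit using Python’s CSPRNG. The common-password set is a small constructed sample built from the entries named in this article, not the full dataset, and the keyboard rows, run length and policy thresholds are assumptions chosen for illustration.

```python
import secrets
import string

# Constructed sample of entries from the kind of list the article describes.
# Illustrative only; it is not NordPass's full dataset.
COMMON_PASSWORDS = {
    "password", "123456", "123456789", "guest", "qwerty", "pass@123",
    "batman", "euphoria", "encanto", "oscars",
}

# Assumed US-QWERTY rows used to detect "a direct run down a series of keys".
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")
MIN_LENGTH = 12  # the 12-character minimum from the article


def _is_keyboard_run(pw: str, run: int = 4) -> bool:
    """True if pw contains `run` adjacent keys from one row, in either direction."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for i in range(len(row) - run + 1):
            seg = row[i:i + run]
            if seg in low or seg[::-1] in low:
                return True
    return False


def _is_sequence(pw: str, run: int = 4) -> bool:
    """True if pw contains `run` characters whose code points step by +1 or -1 (abcd, 4321)."""
    for i in range(len(pw) - run + 1):
        diffs = {ord(pw[j + 1]) - ord(pw[j]) for j in range(i, i + run - 1)}
        if diffs in ({1}, {-1}):
            return True
    return False


def audit_password(pw: str) -> list[str]:
    """Return the list of policy failures for pw; an empty list means it passes."""
    problems = []
    if pw.lower() in COMMON_PASSWORDS:
        problems.append("in common-password list")
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(set(pw)) == 1:
        problems.append("repetition of a single character")
    if _is_sequence(pw):
        problems.append("contains a simple sequence")
    if _is_keyboard_run(pw):
        problems.append("contains a keyboard run")
    classes = [
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(c in string.punctuation for c in pw),
    ]
    if not all(classes):
        problems.append("missing one or more of: lowercase, uppercase, digit, symbol")
    return problems


def generate_password(length: int = 16) -> str:
    """Generate a random password that passes audit_password, using the secrets CSPRNG.

    Rejection sampling keeps the distribution uniform over the accepted set;
    a 16-character draw is rejected only about one time in six.
    """
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not audit_password(pw):
            return pw


if __name__ == "__main__":
    for candidate in ("password", "123456789", "pass@123", "Xq!qwerty9Zp$k"):
        print(f"{candidate!r}: {audit_password(candidate) or 'OK'}")
    print("generated:", generate_password())
```

A password manager’s built-in strength check does essentially this plus a far larger breached-password list; the point of the audit function is that every password on the article’s list trips at least two of these rules, which is why the “<1 second” crack times are unsurprising.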
Speaking of which, NordPass, which works in the password management space, says everyone should have a password manager, but of course they would.
Cisco warns about Secure Email Gateway
Cisco has released an advisory warning that the Sophos and McAfee scanning engines on Cisco Secure Email Gateway could allow an unauthenticated remote attacker to bypass certain filtering features. “The problem is due to improper identification of potentially malicious emails or attachments. An attacker could exploit this issue by sending a malicious email with malformed Content-Type (MIME type) headers through an affected device,” the alert reads. “An exploit could allow the attacker to bypass standard anti-malware filtering capabilities based on the affected scanning engines and successfully deliver malicious messages to end users.”
Nighthawk could be the next Cobalt Strike, researchers warn
A command-and-control framework intended for use by red teams, known as Nighthawk, is rising in popularity and will likely get into the hands of threat actors before we know it, Proofpoint researchers warn.
Nighthawk was first detected by Proofpoint in September of this year and is described by the security firm as “a mature and advanced” framework “specifically designed to bypass detections and does it well”.
Nighthawk hasn’t been used in the wild by bad actors, Proofpoint said, but notes that it “would be wrong and dangerous to assume this tool will never be appropriated.”
Proofpoint said it observed a 161 percent increase in threat actors using Cobalt Strike, a similar C2 framework, between 2019 and 2020, along with the rapid adoption of Sliver, an open-source attack simulation tool.
Like Cobalt Strike, the company that sells Nighthawk vets its customers to make sure the software doesn’t end up in the hands of bad actors. As Google noted in a blog post this week, that review hasn’t stopped threat actors from getting their hands on Cobalt Strike, which is why the search giant said in the same post that it recently made backend changes to make Cobalt Strike “tougher” for villains to abuse. ®
https://www.theregister.com/2022/11/25/infosec_roundup/