Search This Blog

Showing posts with label Customer Passwords. Show all posts

Experts Named the Most Popular Passwords of Russians


Passwords consisting of simple sequences of letters and numbers became the most popular passwords in Runet in 2021. Combinations qwerty123, qwerty1 and 123456 take top lines of the rating, the fourth place goes to a11111 and fifth place to 123456789. It is noted that among Cyrillic passwords, the most common are "password", "love", "hello" and "natasha". 

Analysts have studied 35.5 billion unique pairs of logins and passwords, including 250 million new ones. According to their data, only 3.5 percent of passwords can be called complex, and 16.5 percent are long. 

According to Alexei Drozd, head of information security at SerchInform, users risk losing access to their pages and personal accounts on various resources using easy passwords in the absence of two-factor authentication. He warned that it's especially dangerous if fraudsters gain access to a person's main mailbox. Then attackers will have an opportunity to take possession of more information, resetting the password from other services. 

For example, passwords are checked for security every time users enter them to access Yandex services: a database of 1.2 billion compromised credentials is used for this purpose. The same check is carried out in VKontakte. Google said that they are advised to think up a password length of at least 12 characters, such as a quote from a movie or a line from your favorite poem. 

Sergei Ivanov, Director of Product Strategy at T1 Group, said that the most common password-guessing technique is called brute force, which has long been used by cybercriminals. It is when anthologies of popular passwords and word directories are attached to the software code. He specified that a combination of six Latin letters of the same case can be found in 31 seconds, assuming the search speed of 10 million passwords per second. It would take only 95 minutes to crack a password consisting of six symbols (letters in different registers and numbers). If the password contains 10 symbols, it will take 2.5 years.

Sky: Major Security Flaw on 6M Routers Left Customers Vulnerable to Hackers


A "serious" security vulnerability impacting over six million Sky routers exposed customers to hackers for more than 17 months, as per the analysts. 

According to internet security firm Pen Test Partners, users of Sky routers were vulnerable to hacks and online attacks for well over a year as a result of the security vulnerability. If they hadn't updated the router's default admin password, hackers could have accessed Sky router customers' passwords and personal information. The following Sky devices were impacted: 
  • Sky Hub 3 (ER110) 
  • Sky Hub 3.5 (ER115) 
  • Booster 3 (EE120) 
  • Sky Hub (SR101) 
  • Sky Hub 4 (SR203) 
  • Booster 4 (SE210) 
However, these last two devices came with a randomly generated admin password, making it more complex for a hacker to attack. Furthermore, around 1% of Sky's routers are not manufactured by the firm. Customers who have one of these can now request a replacement at no cost. 

The software flaw discovered by Pen Test Partners researcher Raf Fini stated that flaw would have allowed a hacker to modify a home router merely by directing the user to a malicious website through a phishing email. 

Pen Test Partner's Ken Munro told BBC News that they could then "take over someone's online life," obtaining passwords for banking and other services. Although there was no proof that the vulnerability had been exploited, he added that the time it took to patch it was perplexing. 

"While the coronavirus pandemic put many internet service providers under pressure, as people moved to working from home, taking well over a year to fix an easily exploited security flaw simply isn't acceptable," he said. 

The Sky was warned about the problem in May 2020, according to Pen Test Partners. Sky acknowledged the issue, but it wasn't until October 2021 that Sky announced 99 percent of all impacted routers had been updated. In response to the security issues, Sky informed ITV News that they began working on a solution as soon as they got notified of the situation. 

A Sky spokesperson stated, "We can confirm that a fix has been delivered to all Sky-manufactured products.”