Just a quick post today.
There is a thought that keeps eating at the back of my head after looking at password disclosure breaches of the past few weeks.
No matter how good your security is, it is only as good as the worst public site your users access outside of work. This means you may have a great password policy, great AV, outstanding monitoring, and have hired the #1 hacker in the world for testing, and you can still be compromised because a user had an account at Sega.
Why? Because they used the same password at Sega that they use on your site. This is important because I think there are very few (if any) products out there that can adequately address this issue.
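One defensive control for the reuse problem described above is to screen passwords, at set or change time, against a corpus of passwords already exposed in third-party breaches. The example below is added here and is not code from the original post; it assumes a locally held, constructed list of leaked password SHA-1 digests (the values are invented) and uses a prefix "range query" so that the screening service only ever sees the first five hex characters of a hash, never the password or its full digest.

```python
import hashlib

# Constructed sample of a third-party breach corpus: SHA-1 digests of
# passwords known to be exposed. Real corpora hold hundreds of millions
# of entries; these four plaintexts are invented for the example.
LEAKED_PLAINTEXTS = ["password1", "sonic123", "letmein", "Summer2011!"]
LEAKED_SHA1 = {
    hashlib.sha1(p.encode("utf-8")).hexdigest().upper() for p in LEAKED_PLAINTEXTS
}

PREFIX_LEN = 5  # hex characters disclosed to the lookup service


def range_query(prefix: str) -> list[str]:
    """Return every leaked digest suffix whose digest starts with `prefix`.

    Models a k-anonymity range lookup: the caller discloses only the prefix,
    and the service answers with all matching suffixes, so the service cannot
    tell which (if any) of them the caller actually holds.
    """
    prefix = prefix.upper()
    if len(prefix) != PREFIX_LEN:
        raise ValueError("prefix must be exactly %d hex characters" % PREFIX_LEN)
    return sorted(h[PREFIX_LEN:] for h in LEAKED_SHA1 if h.startswith(prefix))


def is_known_leaked(password: str) -> bool:
    """True if the password's SHA-1 appears in the breach corpus.

    The full digest is computed and compared locally; only the prefix
    crosses the boundary to `range_query`.
    """
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    prefix, suffix = digest[:PREFIX_LEN], digest[PREFIX_LEN:]
    return suffix in set(range_query(prefix))


def screen_password_change(username: str, new_password: str) -> tuple[bool, str]:
    """Policy hook for a password-change flow (hypothetical name).

    Rejects any candidate already present in the breach corpus, since a
    password exposed at one site is a credential an attacker can replay here.
    """
    if is_known_leaked(new_password):
        return (False, "rejected for %s: password appears in a known breach corpus" % username)
    return (True, "accepted for %s" % username)


if __name__ == "__main__":
    for user, candidate in [("alice", "sonic123"), ("bob", "correct horse battery staple")]:
        ok, reason = screen_password_change(user, candidate)
        print(ok, reason)
```

The check is preventive rather than detective: it stops a password that is already public from being set, which is the only point at which the organization can still act before the shared credential is replayed against its own login.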
How do you detect an attack that is effectively the same difficulty to identify as an insider?
We will address this throughout the rest of this week's posts.
PaulDotCom will be teaching Offensive Countermeasures at Black Hat July 30-31