Sextortion Scam With Leaked Passwords Succeeds

Following the forum post on sextortion emails being spammed to innocent victims, we were curious to see if this scam would indeed be successful. We have observed similar scam campaigns before, but now the scammers seem to include the victim's password as well, creating a sense of legitimacy. During our analysis we observed 3 payments to the … Continue reading Sextortion Scam With Leaked Passwords Succeeds

Don’t be lazy with P4ssw0rd$

Three challenges to making passwords user-friendly Following the interview of Bill Burr, author of NIST’s 2003 paper on Electronic Authentication, in which he announced that he regrets much of what he wrote, we stop and think. Why was the standard putting users at risk? Paraphrasing History: “Tout pour le peuple; rien par le peuple”. Perfectly … Continue reading Don’t be lazy with P4ssw0rd$