Human Error: A Helping Hand for Cyber Criminals

 

The use of passwords, a fundamentally faulty strategy that was developed many years ago, has been the primary method for securing an organisation's internal systems and its customers' accounts for far too long. Despite efforts to provide better, more secure authentication mechanisms, the majority still place the onus on the user.

This includes keeping track of your password, avoiding dangerous phishing sites, not unintentionally disclosing your login information to attackers during a social engineering attack, and resisting the urge to open a malicious push message during a "prompt bombing" attack. 

People are more aware of these issues today. However, as human beings often have a tendency to be trusting and make mistakes, crooks find it quite simple to prey on naïve consumers. 

In the contemporary era of zero trust, authentication is necessary. Nevertheless, no matter how much education we provide, assuming that individuals will approach authentication with a zero trust perspective will never be successful. Attackers simply have the advantage even though our staff and consumers are wary and watchful. 

One-time passwords, magic links, and push notifications are just a few examples of the first-generation multi-factor authentication (MFA) that attackers can now easily get around. Attackers can launch adversary-in-the-middle (AiTM) attacks by using freely available phishing kits and phishing-as-a-service capabilities. Additionally, they have methods for creating very convincing phishing emails, including the use of ChatGPT and other AI-powered tools that eliminate red flags like spelling and grammar errors or oddly formatted URLs.

In 2022, attackers employed stolen credentials as the first attack vector in more than 75% of all cyberattacks, according to CrowdStrike's most recent research, which serves as a reminder of the severity of the issue.

The vast majority of data breaches and successful ransomware attacks start with compromised credentials, according to a decade's worth of study from the Verizon Data Breach Investigations Report. As reported by Verizon, major attacks employing a mobile or IoT device increased by 22% between 2021 and 2022, a trend that remote and hybrid working does nothing to help.

The problem is made worse by the fact that businesses also need to take into account the contractors and employees who make up their extended supply chain in addition to their employees and customers. Criminals can enter the ecosystem if users' identities are compromised anywhere in it.

Netflix Password-Sharing Crackdown will Roll Out Worldwide Early Next Year

 

After a fall in its subscriber base in the first two quarters of this year, popular streaming platform Netflix will charge users an extra fee for sharing their passwords starting early next year.

After allowing customers to transfer their profiles to new accounts, the streamer says it will start letting users create sub-accounts in line with its plans to “monetize account sharing” more widely. 

The streaming giant confirmed it will roll out the $6.99 / month ad-supported tier, called Basic, on November 3rd in the US, Australia, Brazil, Canada, France, Germany, Italy, Japan, Korea, Mexico, Spain, and the UK. However, the company did not reveal how much subscribers will be charged for sharing their passwords with other users in India. 

Before implementing the password-sharing fee system, Netflix tested the scheme in Chile, Costa Rica, and Peru for about six months. This test established an account's primary residence as the "home" for the membership. 

If the service spotted streaming at any additional households for more than two weeks, it asked the user to set up a new account and pay for additional "homes". The company estimates more than 100 million people are currently using another household’s account worldwide. 

Subscription loss

In July this year, Netflix reported losing subscribers for the first time in over 10 years, with the firm’s subscriber count dipping by another 1.3 million in the US and Canada and 1 million worldwide last quarter.

The company witnessed its highest growth when the pandemic hit in 2020 and people, stuck at home with limited entertainment options, flocked to monster hits like Squid Game and The Crown. It also pushed nearly all of Hollywood's significant media firms, including Disney Plus, HBO Max, Peacock, Paramount Plus, and Apple TV Plus, to pour billions of dollars into their streaming operations.

But as the situation normalized, Netflix struggled to attract new subscribers and maintain the loyalty of existing members, especially as multiple streaming options were available and the rising cost of living led people to cut back. Now, feeling the heat of intensifying competition to hold onto subscribers' attention, Netflix is pursuing strategies it had dismissed for years.