“167 million SHA-1 hashed LinkedIn account credentials tied to the 2012 breach…” Not the 6.5 million they first reported.
This is a reminder to salt your hashes. LinkedIn used SHA-1 right out of the box, with no salt, so when the user database was compromised, hackers could easily guess a large percentage of the passwords.
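To make the salting point concrete, here is an added example (written for this post, not LinkedIn's code or anything from the breach reports). It stores the same constructed accounts twice, once as plain SHA-1 and once with a per-user random salt and a slow key-derivation function; the user names, passwords, the choice of PBKDF2-HMAC-SHA256 and the iteration count are all assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample accounts (not real data); alice and bob share a password.
USERS = {"alice": "linkedin2012", "bob": "linkedin2012", "carol": "correct horse"}
PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for your hardware


def unsalted_sha1(password):
    """The weak scheme: one fast SHA-1 pass, no salt."""
    return hashlib.sha1(password.encode()).hexdigest()


def salted_hash(password, salt=None):
    """Per-user random salt plus a slow KDF; returns (salt, digest)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, salt)[1], digest)


def shared_values(table):
    """Groups of users whose stored value is identical (same password leaks)."""
    groups = {}
    for user, stored in table.items():
        groups.setdefault(stored, []).append(user)
    return [sorted(users) for users in groups.values() if len(users) > 1]


def build_tables(users=USERS):
    """Store every account both ways so the two tables can be compared."""
    weak = {u: unsalted_sha1(p) for u, p in users.items()}
    strong = {u: salted_hash(p) for u, p in users.items()}
    return weak, strong


if __name__ == "__main__":
    weak, strong = build_tables()
    print("unsalted SHA-1, identical rows:", shared_values(weak))
    print("salted PBKDF2, identical rows:", shared_values(strong))
    print("login check:", verify("linkedin2012", *strong["alice"]))
```

In the unsalted table, alice and bob have the same stored value, so one precomputed digest covers every account with that password. In the salted table no two rows match, and each guess has to be recomputed per account at the full iteration cost.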
Google has a new service you can apply for, Project Shield. It uses Google's infrastructure to protect against DDoS attacks.
“Project Shield uses technology called a reverse proxy, which allows a webmaster to serve their site through Google infrastructure for free, providing a “shield” against would-be attackers. So far we’ve protected hundreds of news organizations and human rights websites that have faced attacks aimed at censoring free expression. By protecting these sites, we’ve helped to keep vital information online during elections, major crises and conflicts.”
Steven Manley discusses protecting your enterprise against ransomware. The “Air Gap” strategy involves making random daily backups of your data and storing them offsite. This would include:
- Your document storage
- Third-party applications
- Source code
He also makes a great point with regard to company politics. If you find yourself the victim of ransomware and do not have a strategy in place, your days at the company are numbered.