Kerberoasting is a form of cyber attack that targets service accounts using the Kerberos authentication protocol. Attackers exploit the authentication protocol to extract password hashes and crack the plaintext passwords attached to the account. These attacks are prevalent because they can be difficult to notice and mitigate.

If you think security is all about risk management, cybersecurity expert Greg van der Gaast thinks you’ve got it all wrong.

Working remotely has allowed organizations to enhance their efficiency and provide employees with flexibility. However, remote work comes with cybersecurity risks that can often lead to data breaches and jeopardize an organization’s security. The five cybersecurity risks of remote work are using weak passwords, an insecure internet connection, unencrypted file sharing, an expanded attack surface and the use of personal devices.

A magic link is a type of passwordless login where a link is sent to a user through email or text message after they’ve entered their email address or username into a login portal. When the user clicks on this link, they’re signed in to their account without having to enter a password. This process appears to be “magic” since the user doesn’t have to enter a password, hence the name. Magic links are also often used as a method of Multi-Factor Authentication (MFA).

Organizations should implement the principle of least privilege to protect their sensitive data from unauthorized access. To implement the principle of least privilege, organizations need to define roles and permissions, invest in a Privileged Access Management (PAM) solution, enforce MFA, automatically rotate credentials for privileged accounts, segment networks and regularly audit network privileges.

Android enthusiasts, your time has come. If you own a phone or tablet running Android 14 or higher, you can now save and sign in to many Android apps using passkeys.

Some of the benefits of using passphrases are that they’re easy to remember, difficult for cybercriminals to crack and they’re considered to be more secure than traditional passwords because of poor password habits. Some of the disadvantages of using passphrases are that some websites and apps may have low character limits, it’s impossible to remember passphrases for every single one of your accounts and they’re still vulnerable to being exposed in public data breaches.

A passphrase is a more secure way to create a password that uses a string of random words instead of a string of random characters. Passphrases tend to be easier to remember, longer and more secure than most user-generated passwords. However, weak passphrases are still susceptible to password-related cyber attacks.

Password entropy is a measurement of how difficult it would be for a cybercriminal to crack or successfully guess your password. When calculating password entropy, the calculation takes into account how long your password is and the variation of characters you’re using. Character variations include the use of uppercase and lowercase letters, numbers and symbols. Continue reading to learn more about the importance of password entropy and how you can calculate it using the password entropy formula.