ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid
Ramiro Cid | @ramirocid
Passwords for sale
Index
1. Passwords for sale, just another dark business
2. Some password leak figures from recent years
3. How to check if my account has ever leaked?
4. Best practices in the use of passwords
5. Sources used to expand knowledge
1. Passwords for sale, just another dark business
In recent years we have been reading more and more news about massive breaches (millions) of passwords at web services such as communities, email services, cloud services and others.
Hackers are simply making money by stealing passwords and selling or misusing them.
This presentation focuses on how to protect our accounts and, with that, keep our digital identity, our image and also our money safe from hackers' businesses.
2. Some password leak figures from recent years
• Yahoo 1,000 million passwords (happened in 2013 but disclosed in 2016)
• Gmail 272 million passwords
• MySpace 164 million passwords (in 2016)
• eBay 145 million passwords
• LinkedIn 164 million passwords
• Dropbox 68 million passwords (happened in 2012 but disclosed in 2016)
• Evernote 50 million passwords (in 2013)
• Twitter 33 million passwords (in 2016)
3. How to check if my account has ever leaked?
Use a service like HaveIBeenPwned.com (https://haveibeenpwned.com/), a free web service, to check whether our accounts are safe. The website collects leaked data and has information on over a thousand million leaked accounts from different websites.
If your email address appears in their records, you should change your password on the affected accounts immediately.
Selecting a strong password and having a unique password for each account is of course an essential prerequisite (the best way is to use a password manager application).
You can also subscribe to notifications in case your account details are leaked in the future, or try similar services such as leakedsource.com or hacked-db.com.
4. Best practices in the use of passwords
Web services get hacked and user credentials get stolen, sold and misused. With the increasing number of web services comes a greater chance that some of them will be insecure and eventually breached.
Nobody can control how a website protects your login credentials on its servers, but there are smart things we can do to protect ourselves and minimise the damage in case a breach happens:
• Use a strong and unique password for each account
• Check if your email account information has leaked and change your password on the affected website(s) immediately (if you used the same password on multiple sites, which is not recommended, change your password on those sites as well)
• Use a password manager to safely store your passwords
• Use 2-step authentication wherever available
• Subscribe to notifications in case your account details are leaked in the future
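The check-and-change procedure from the two slides above, as an added example that is not part of the original presentation. It goes one step beyond the email lookup the slides describe: it uses Have I Been Pwned's Pwned Passwords range endpoint, which receives only the first five characters of a password's SHA-1, and it groups accounts that share a password so one hit lists every site where that password must change. The vault entries, the breach count and the `offline_fetch` stand-in are constructed sample data.

```python
import hashlib
import urllib.request
from collections import defaultdict

RANGE_URL = "https://api.pwnedpasswords.com/range/"  # Pwned Passwords range endpoint


def sha1_split(password):
    """Return (prefix, suffix): first 5 and remaining 35 hex chars of the SHA-1."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range(body):
    """Parse 'SUFFIX:COUNT' lines into a dict; skip blank or malformed lines."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and len(suffix) == 35 and count.isdigit():
            counts[suffix.upper()] = int(count)
    return counts


def fetch_range_online(prefix):
    """Live lookup: only the 5-character hash prefix leaves the machine."""
    req = urllib.request.Request(RANGE_URL + prefix,
                                 headers={"User-Agent": "vault-audit-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def audit_vault(vault, fetch_range):
    """Return {sites sharing a leaked password: times seen in breach data}.

    vault is an iterable of (site, password). Accounts with the same password
    are grouped, so a reused password is reported once with all its sites.
    """
    sites_by_hash = defaultdict(list)
    for site, password in vault:
        sites_by_hash[sha1_split(password)].append(site)
    cache, findings = {}, {}
    for (prefix, suffix), sites in sites_by_hash.items():
        if prefix not in cache:  # one request per distinct prefix
            cache[prefix] = parse_range(fetch_range(prefix))
        seen = cache[prefix].get(suffix, 0)
        if seen:  # entries with count 0 (response padding) are not hits
            findings[tuple(sorted(sites))] = seen
    return findings


# Constructed sample data: a fake vault export with one reused password.
SAMPLE_VAULT = [
    ("shop.example", "Summer2016!"),
    ("forum.example", "Summer2016!"),
    ("mail.example", "c0rrect-horse-battery-staple-91"),
]


def offline_fetch(prefix):
    """Offline stand-in for the service: only 'Summer2016!' counts as leaked."""
    leaked_prefix, leaked_suffix = sha1_split("Summer2016!")
    filler = "0" * 35 + ":0\r\n"  # shaped like a padding entry
    if prefix == leaked_prefix:
        return leaked_suffix + ":4821\r\n" + filler
    return filler


if __name__ == "__main__":
    for sites, seen in audit_vault(SAMPLE_VAULT, offline_fetch).items():
        print("change password on:", ", ".join(sites), "| seen", seen, "times")
```

Pass `fetch_range_online` instead of `offline_fetch` to query the real service.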
5. Sources used to expand knowledge
• World's Biggest Data Breaches | informationisbeautiful.net
URL: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
• List of data breaches | Wikipedia.org
URL: https://en.wikipedia.org/wiki/List_of_data_breaches
• The Worst Data Breaches of All Time | tomsguide.com
URL: http://www.tomsguide.com/us/pictures-story/872-worst-data-breaches.html
• The History of Data Breaches | Digital Guardian
URL: https://digitalguardian.com/blog/history-data-breaches/
Questions?
Many thanks!
Ramiro Cid
CISM, CGEIT, ISO 27001 LA, ISO 22301 LA, ITIL
ramiro@ramirocid.com
@ramirocid
http://www.linkedin.com/in/ramirocid
http://ramirocid.com http://es.slideshare.net/ramirocid
http://www.youtube.com/user/cidramiro
