Lessons from the Hookers.nl breach: cracking 57% of the passwords in three days

Dutch website Hookers.nl — used by prostitutes, escorts and their customers — had been hacked. The site’s user database was stolen and is actively being traded in the underground, and sold for about 2 Euros. The dump contains data of — among others — employees of Dutch governmental intuitions like the department of defense, foreign affairs and law enforcement. Since data is now within virtually anyone’s reach, we expect scams to blackmail users soon.

Hookers.nl publicly stated that passwords were not stolen. Strictly speaking this is true: the database does not contain plain text passwords but hashed passwords. Scattered Secrets was able to crack 57% of the password hashes in three days. This is our story.

Door |2024-07-25T14:36:27+00:00oktober 31, 2019|Article, Artikel, Engels, Nederlands|Reacties uitgeschakeld voor Lessons from the Hookers.nl breach: cracking 57% of the passwords in three days

Budgeting for Cybersecurity: Are You Doing It Right?

As a chief information security officer, one of the biggest challenges I faced was in measuring the value of our organization’s cybersecurity investment. Fortunately, tools and methodologies to translate cybersecurity more specifically into costs and benefits are now available, so CISOs can be more detailed than ever before in measuring the effectiveness of risk mitigation.

By attaching real numbers to cybersecurity—this is how much a breach will cost us, this is how much we can reduce risk by making this specific investment—CISOs can work with the C-suite to make more informed decisions.

Cybersecurity risk mitigation is more critical than ever. With most companies embracing digital transformation, the impact of a breach can be crippling, in terms of money lost, damage to brand reputation and partner/customer goodwill. At the same time, the threat landscape is increasingly sophisticated, better funded and more coordinated. 

Door |2024-02-17T06:32:39+00:00oktober 23, 2019|Article, Engels|Reacties uitgeschakeld voor Budgeting for Cybersecurity: Are You Doing It Right?

Hoe navigeer je tussen werkbare procedures en de omstandigheden van het geval?

Mijn oog viel op deze tweet van de Engelse toezichthouder, waar ik een tikje van opkeek:

"Hi, orgs should not look to adopt a blanket approach in asking for ID when responding to a SAR [inzageverzoek onder de AVG]. They should consider each request on a case by case basis and identify which form of ID is most proportionate if required."

De tweet was een reactie op een vraag van de onvolprezen privacyvoorvechter Pat Walshe, die constateerde dat je bij het vragen van een kopie van je persoonsgegevens bij Engelse politieke partijen altijd een kopie ID moet meesturen. Uit de reactie valt op te maken dat dat niet mag, en dat een organisatie dus per verzoek moet kijken of de persoon duidelijk geïdentificeerd is als de betrokkene en zo nee wat in dat geval het handigste is.

Door |2024-02-17T06:32:39+00:00oktober 17, 2019|Artikel, Nederlands|Reacties uitgeschakeld voor Hoe navigeer je tussen werkbare procedures en de omstandigheden van het geval?

Examining access token privileges with MDATP and Kusto

As a defender, looking at events occurring at user endpoints is very useful. It's essential to know exactly what is happening and insight in detailed log information gives you the opportunity to perform threat hunting and to create detection rules.

It’s a no-brainer that looking at processes on an user endpoint is crucial in order to find adversary’s activities. One of the interesting aspects of the process is the access token. In this blog I will explain briefly what an access token is and how you can use Microsoft Defender ATP (MDATP) and the Kusto query language to examine them in detail.

Door |2024-07-25T14:24:47+00:00oktober 2, 2019|Artikel, Nederlands|Reacties uitgeschakeld voor Examining access token privileges with MDATP and Kusto
Ga naar de bovenkant