A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Your Users Passwords Are Already Stolen - Lucas Zaichkowsky BSides San Francisco 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Your Users Passwords Are Already Stolen
Lucas Zaichkowsky

BSides San Francisco 2015

Attackers have long exploited human weakness such as the lack of password complexity and vulnerability to phishing. As organizations improved defenses, attackers shifted to breaching websites to steal user databases. Their goal is to access your organization undetected. Common weaknesses in user database implementations will be explained and real world examples presented. To accent the problem, a well known database dump from 2014 containing passwords securely salted and hashed with multiple rounds will be used as a case study showing that password reuse and weak passwords are human behaviors that cannot be fixed.

Lucas Zaichkowsky is the Enterprise Defense Architect at Resolution1 Security, responsible for providing expert guidance on the topic of cybersecurity. Prior to joining Resolution1 Security, Lucas was a Technical Engineer at Mandiant where he worked with Fortune 500 organizations, the Defense Industrial Base, and government institutions to deploy measures designed to defend against the worlds most sophisticated attack groups.

Back to BSides San Francisco 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast