87: Guild of the Grumpy Old Hackers

en-usMarch 16, 2021

Podcast Summary

The Importance of Digital Security in the Age of Social Media: It's crucial to prioritize digital security, even if you're a high-profile individual like a politician or celebrity. The advancements in technology mean that cyber threats are ever-evolving, so taking preventive measures is vital to protect personal information.
Donald Trump relied heavily on Twitter as a form of communication during his presidency, but his Twitter account was hacked three times despite his claim that 'nobody gets hacked.' This highlights the importance of practicing good digital security, especially for high-profile individuals. Even someone like Sarah Palin had her Yahoo account hacked by a 20-year-old who found her personal information easily accessible online. It's important to take digital security seriously, regardless of one's position or wealth. As technology continues to advance, so do the methods of hacking and compromising online accounts. Everyone should take steps to protect themselves from digital threats and be aware of possible vulnerabilities.
The Grumpy Old Hackers: Ethical Hacking for a Safer Internet: The Grumpy Old Hackers are a group of ethical hackers who mentor younger generations and work with law enforcement programs to promote responsible hacking. Their mission is to make the internet a safer place.
The disclosure of personal identifiable information or PII is a growing ethical concern. The hackers who call themselves the Grumpy Old Hackers, including Edwin, Matt, and Victor, have made it their mission to find vulnerabilities in computer systems and notify responsible parties to keep the internet a safer place. They do so by mentoring the younger generation of hackers and encouraging them to use their skills ethically. They also work with programs like Hack_Right, a Dutch law enforcement program that helps young offenders put their skills to use for ethical hacking. Edwin, who has been hacking from a young age, loves combining all the hackers together to do new things, which are mostly on the edge and exciting for him and his team.
The Importance of Ethical Responsibility in Hacking: Ethical hacking requires a responsible approach, including disclosure to the entity involved and avoiding exploitation of data. Respect for privacy is important, even when testing security.
Ethical hacking requires responsible disclosure to the concerned company or entity and does not involve selling or exploiting the data. Testing hacked passwords on other accounts may be considered wrong but the intention of ethical hackers is to help improve security. Bug bounty programs offer rewards for hacking and testing but not all entities have them. The Grumpy Old Hackers faced an ethical dilemma when they got access to the LinkedIn database from 2012 and explored what was there in their hotel room. A responsible and ethical approach is necessary while testing security; a violation of someone's privacy should not be excused under the guise of ethical hacking.
The LinkedIn Breach of 2016 and the Importance of Strong Passwords and Salting Strategies: Choose strong passwords with good hygiene and change them frequently. Employ password-salting strategies to make passwords harder to crack, and educate others on the dangers of credential stuffing.
In 2016, LinkedIn suffered a breach where over 100 million credentials were stolen, including weak passwords like '123456', 'password', and 'LinkedIn'. Edwin, Jack, and Victor warned their acquaintances by informing them that their passwords from four years ago were visible and vulnerable. They taught them about credential stuffing which was not well-known at the time. LinkedIn didn't salt their passwords, making them easier to crack. As a result, over 60% of the passwords were cracked, making it easier for bad actors to access personal information. It is essential for users to choose strong passwords with good password hygiene, changing them frequently. Additionally, having password-salting strategies can make passwords more challenging to crack.
Trump's Password Hack Exposes Poor Security Practices: Using easy-to-guess or reused passwords can expose personal data to cyber threats. Always use strong passwords for different accounts to prevent hackers.
Donald Trump's LinkedIn password in 2012 was 'yourefired', which was also the catchphrase he used on his show 'The Apprentice'. The password was so obvious that the hackers were shocked. The Grumpy hackers wondered if he would reuse the same password for his other accounts, and they tried it for his Twitter account, and it worked. This exposed how poor Trump's password hygiene was. For a celebrity billionaire, using such an easy-to-guess password was a bad practice. The incident highlights how important it is to use strong passwords and not to reuse passwords for different accounts.
Hackers attempt to breach Trump's Twitter account and disclose their findings responsibly.: Responsible disclosure is crucial in cybersecurity, but it requires successful exploitation to be effective. Hackers can use OSINT and SMTP enumeration to obtain valuable information related to a hack.
The Grumpy Old Hackers attempted to hack Donald Trump's Twitter account from a hotel room in Belgium, testing his years-old password which was still valid. Realizing that they would be blamed if something went wrong, they decided to log in all the way and submit a responsible disclosure to Trump. To do this, they had to find the email address connected to his Twitter account and went through OSINT to figure out all the valid email addresses associated with Trump's domains. The hackers used SMTP enumeration to find the valid email addresses and bypass the last hurdle to make the report valuable for Donald Trump. Responsible disclosure only works if the hack actually works, and not warning somebody about their password and direct them.
Impact of Various Factors on Cybersecurity: Hackers can easily bypass a system's security by exploiting vulnerable areas such as email validation, weak internet connection, and inadequate device security. It is essential to take necessary measures to prevent such attacks.
Hackers can verify if an email is valid by using the VRFY command on SMTP enumeration. Metasploit can help to speed up the process by trying thousands of names and words. The rate limiter in this process is the internet connection. Twitter's security policy for logins considers the geographical region and the phone used for logging in. Mimicking these details and using an open HTTP proxy in the same region can help hackers log into social media accounts. Trump's old and insecure Android phone was also a security risk.
The Grumps Successfully Hack into Trump's Twitter Account and Take Responsible Action: Crossing the line of logging into someone's account without permission can be justified if done for the greater good and with responsible action taken afterwards. The Grumps teach young hackers the importance of having a good reason before doing so.
The Grumps successfully hacked into Trump's Twitter account by figuring out his credentials and tricking Twitter. They had full access to his account but only took screenshots to prove their success. Their next responsible task was to document everything and write a comprehensive disclosure email to Trump, explaining the issue and suggesting preventative measures. The Grumps teach young hackers to have a good reason to cross the border of logging into someone's account without permission. Although accessing someone's account without permission is a grey area, the risk of someone else doing it and doing something unpleasant with the account justifies the Grumps' actions in this case.
The Importance of Cybersecurity for Public Figures and Individuals: Using strong passwords and being vigilant in securing online accounts is crucial to avoid being hacked. Cybersecurity is a shared responsibility, and everyone needs to take proactive steps to protect their online presence.
Using strong passwords and being vigilant in securing one's online accounts is crucial to avoid being hacked, especially for public figures like politicians. The Grumps discovered that the US president's vulnerable Twitter account had been hacked before, yet he continued to use the same weak password. The importance of cybersecurity cannot be overemphasized, and individuals and organizations need to take proactive steps to prevent unauthorized access to their accounts. The Grumps ultimately reached out to the Dutch National Cyber Security Center for assistance when their attempts to notify US agencies were unsuccessful. Cybersecurity is a shared responsibility, and everyone needs to play their part in protecting their online presence.
The Grumps report hack on Trump's Twitter account and influence security changes on social media platform: Verified and influential accounts should have strict security measures in place to prevent misinformation and cyberattacks. Reporting cybercrime to authorities can lead to action and positive change.
The Grumps managed to contact the Dutch government and reported the hack on Trump's Twitter account, which led to the US CERT taking action. They also suggested to Twitter that verified accounts need better security and Twitter responded by making password reset protection a default setting for election-related accounts. Influential accounts require stricter security as they have a large following and misinformation spread from these accounts should not be possible. While Twitter did not directly respond to the Trump hack or Victor's tweets, their actions suggest that they took heed of the suggestions given. Responding to disclosures of this level is common, even if the party taking action does not mention the notifier.
Importance of Online Security and Ethical Considerations in Cybersecurity: Strong passwords, two-factor authentication, and regularly changing passwords are crucial in securing accounts. Responsible reporting of vulnerabilities is critical. Both individuals and organizations need to prioritize online security.
It's important to use strong passwords and enable two-factor authentication to protect accounts from hacking. It's commendable that the Grumpy Old Hackers helped secure a vulnerable Twitter account before the 2020 presidential election, but it's also important to consider the ethics of their actions. The LinkedIn breach in 2012 highlights the importance of regularly changing passwords and being vigilant about online security. The fact that Victor has made numerous responsible coordinated vulnerability disclosures underscores the importance of responsible reporting of security issues. Overall, organizations need to be proactive about improving their security measures to protect users and prevent cyber attacks, and individuals should take steps to protect their own online security.

Recent Episodes from Darknet Diaries

In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals.

This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691.

Darknet Diaries

en-usJune 04, 2024

145: Shannen

Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usMay 07, 2024

undercover operations

144: Rachel

Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usApril 02, 2024

143: Jim Hates Scams

Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usMarch 05, 2024

142: Axact

Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usFebruary 06, 2024

information questioning

deceptive situations

ethical practices

141: The Pig Butcher

The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usJanuary 02, 2024

online identity verification

online relationships

social stigmas

financial scams

emotional manipulation

crypto investments

bec attacks

cybersecurity awareness

fraud prevention

secure transactions

140: Revenge Bytes

Madison's nude photos were posted online. Her twin sister Christine came to help. This begins a bizarre and uneasy story. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usDecember 05, 2023

139: D3f4ult

This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usNovember 07, 2023

138: The Mimics of Punjab

This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usOctober 03, 2023

limited law enforcement resources

137: Predator

A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usSeptember 05, 2023

human rights abuses

privacy and security

government surveillance

global security

illegal espionage

surveillance technology

Related Episodes

Cybersecurity 3: Interactive Attacks

Whereas the examples in the previous talk were about using computers as a delivery mechanism for malware programmes and emails that spread viruses, here we are turning our attention to data attacks that are more precisely targeted, whereby the attacker seeks to focus on one target in a more personal way.

Cybersecurity 3: Interactive Attacks

enDecember 31, 2021

EP3.40: NO cambies tu password

EP3.40 NO cambies tu password

El cambio de password frecuente corres el riesgo de reutilizar contraseñas antiguas o caer en el mal hábito de crear contraseñas similares o débiles. Te explico más en este episodio.

Este episodio es presentado por AeroNet. Empresa de tecnología 100% puertorriqueña, líder en soluciones de conectividad para negocios y residencias en Puerto Rico. Go Faster, Go Save. AeroNet Wireless - Reliable High Speed Internet (aeronetpr.com)

Episodios recomendados:

Ep 4: Como amar los passwords: https://aprendesecty.libsyn.com/ep-4-como-amar-los-passwords

EP3.17 ¿Realmente un password manager es seguro?: https://aprendesecty.libsyn.com/ep317-realmente-un-password-manager-es-seguro

EP3.39 ¿Puede el MFA ser hackeado?: https://aprendesecty.libsyn.com/ep339-puede-el-mfa-ser-hackeado

Si deseas orientación o evaluación sobre ciberseguridad para tu negocio o capacitar a tus empleados sobre seguridad de información en tu negocio, escríbeme a itsec@sectycs.com para poder ayudarte porque ofrecemos capacitación de seguridad a grupos de usuarios para pequeños negocios.

Recuerda: Síguenos en Facebook, Instagram, X y LinkedIN como: @SecTYCS

SUSCRIBETE en nuestro canal de YouTube Aprende SecTY: https://www.youtube.com/channel/UC1E9yilgLf5HZMQVDf_ViRw

Envíame tus preguntas o recomendaciones a: itsec@sectycs.com

Deja tu reseña en iTunes/Apple Podcast y compártelo con personas que necesiten mejorar la seguridad en su negocio y en su vida.

Puedes escucharnos también por medio de: iTunes/Apple Podcast, Spotify, Google Podcast, Amazon Music y iHeartRadio.

Aprende SecTY podcast

es-prOctober 10, 2023

How to Build a Self-Hosted Password Vault: A Step-by-Step Guide

This story was originally published on HackerNoon at: https://hackernoon.com/how-to-build-a-self-hosted-password-vault-a-step-by-step-guide.
It can be risky to self-host a password vault if a user lacks full security competence and exposes the vault to the internet.
Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #password-security, #security, #cybersecurity, #password-vault, #youtubers, #password-protection, #passwords, #hackernoon-top-story, and more.

This story was written by: @grantcollins. Learn more about this writer by checking @grantcollins's about page, and for more stories, please visit hackernoon.com.

If you are a one-person team, managing your own passwords is doable and can also be fun for users who want to partake in this project. It can also be risky to self-host a password vault if a user lacks full security competence and exposes the vault to the internet. The more users one has to manage, the harder it gets, in terms of compute power to serve the various devices as well as managing many users. So if you are in a family or business, using a cloud option may be easier. Let’s set up a self-hosted vault in Passbolt using a docker container. I am on a Windows 10 machine. I do have Docker Desktop installed and will not be going over how to install Docker Desktop. You can do this on any device, it may be slightly different depending on the OS.

Cybersecurity Tech Brief By HackerNoon

enMay 18, 2023

CoalCast #12 - What's Happwning? w/ Ryan Villarreal

Coalfire penetration testers Ryan and Logan discuss current events in information security.

CoalCast - Coalfire's Cybersecurity Podcast

enFebruary 28, 2020

From Cybermonsters to Mindful Defense: Safeguarding Your Digital World

In this compelling episode, Sandra takes us on a journey from the lurking threats of Cybermonsters to the empowering realm of mindful defense. With engaging stories and practical insights, Sandra reveals the realities of cyber threats, emphasizing the importance of proactive cybersecurity measures.

From phishing schemes targeting jobseekers to the alarming dangers in online games, Sandra provides tangible steps for individuals and organizations to strengthen their cyber self-defense toolkit.

Learn how to spot and thwart cyber threats, cultivate mindful habits, and navigate the digital world with confidence. Don't miss this episode—it's your guide to safeguarding what matters most in the ever-changing landscape of cybersecurity. Tune in and join Sandra on the path to becoming Cyber Mindful!

Sandra Estok is the founder of Way2Protect™, author of the international bestselling Happily Ever Cyber!™ book, and the Cyber Literacy series for children. With over 25 years of experience in Cybersecurity, IT, and Data Privacy, Sandra is a Keynote Speaker and Corporate Trainer. Her mission is to empower women to take charge of their cyber safety and have Peace of Mind Online.

Connect with Sandra:
Website SandraEstok.com
Social media handle: @Way2Protect

Watch Sandra Estok's TEDx talk “What an identity theft victim can teach about cybercrime”: here. Or copy this link directly into your browser: https://www.ted.com/talks/sandra_estok_what_an_identity_theft_victim_can_teach_us_about_cybercrime

enNovember 08, 2023