DC and Marvel superheroes top breached password lists

1 month ago 6

Even our favourite superheroes can't support america against cyberattacks.


Image: GettyImages/Yuichiro Chino

In May, Specops Software, a password absorption and authentication company, released a roundup of "Star Wars"-themed breached passwords for the sci-fi vacation May 4 besides known arsenic Star Wars Day. On Monday, the institution brought the DC and Marvel universes into the fold and released a roundup of commonly utilized superheroes recovered connected compromised password lists.

Turns out, superhero characters utilized arsenic passwords inactive could usage a steadfast dose of peculiar characters and numbers.

"Fan appreciation of some Marvel and DC characters, and the statement implicit which beingness is the superior comic publication world, volition unrecorded connected for a agelong clip to come. But nary substance however large of a instrumentality you are, present is the clip to update your password should you beryllium utilizing immoderate of the characters recovered wrong breached password lists," said a information of the Specops blog post.

SEE: Security incidental effect policy (TechRepublic Premium)

To find the list, the institution said it assessed much than 800 cardinal breached passwords from a subset of much than 2 cardinal breach passwords successful Specops Breached Password Protection. Having appeared connected lists of breached passwords much than 151,000 times, Marvel's Loki ranked No. 1 successful Specops findings. Runner-up "Thor" appeared connected breached password lists astir 148,000 times to borderline retired No. 3 "Robin." In order, "Joker" and "Flash" circular retired the apical five.

Interestingly, the apical 10 includes six DC characters compared to Marvel's 4 appearances with "Batman" (DC), "Superman" (DC), "Vision" (Marvel), "Falcon" (Marvel) and "Penguin" (DC) topping the list. The findings adhd a cybersecurity fold to the classical statement astir the 2 comic publication universes.

"When it comes to Marvel vs DC, I don't cognize if I tin prime a side. But the bully quality is that erstwhile it comes to password information – the harmless broadside is picking neither. Hackers emotion to trade attacks that marque usage of things america humans emotion – including our favourite comic publication characters," said Darren James, merchandise specializer astatine Specops Software via email.

Critical infrastructure cyberattacks

In caller months, determination person been a fig of high-profile cybersecurity attacks connected captious U.S. infrastructure including a h2o treatment installation successful Florida, JBS Foods ransomware attack and the Colonial Pipeline incident. James discussed the value of password information successful airy of caller cybercriminal activity.

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

"Now much than ever it's important to instrumentality attraction of the weakest nexus successful your web information – the password. We've seen attackers instrumentality vantage of insufficient password policies successful damaging attacks similar what happened successful the Colonial Pipeline attack," James said.

"A bully commencement is to marque definite that the passwords successful usage successful your enactment are not connected a breached password list. Our latest probe shows that much than 1.1 cardinal comic fans astir the satellite should beryllium taking this enactment arsenic soon arsenic possible," helium continued.

Those truthful inclined tin peruse the afloat database of superheroes recovered connected breached passwords lists here.

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also spot

Read Entire Article