#AxisOfEasy 356: Weak Passwords Exposed: How Hackers Crack Them In Under An Hour

Weekly Axis Of Easy #356

Last Week’s Quote was: “Stop being moons. Stop living by reflected light. Get into action and convert yourself to a living sun,” by William Walker Atkinson. No one got it.

This Week’s Quote:
“Two things are infinite: the universe and human stupidity; and I’m not sure about the universe.” By ???

THE RULES: No searching up the answer, must be posted at the bottom of the blog post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.

This is your easyDNS #AxisOfEasy Briefing for the week of June 24th, 2024. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To listen to or watch this podcast edition with commentary and insight from Joey Tweets and Len the Lengend, click here.

In this issue: 

  • Weak Passwords Exposed: How Hackers Crack Them in Under an Hour
  • Biden Admin Pressured Amazon to Hide Books Critical of Vaccines
  • Rumble CEO Criticizes Google’s Political Content Suppression
  • US Bans Kaspersky Over Alleged Ties to Russian Government
  • Hospital Red Tape Worsens Cyber Attack Recovery

Elsewhere Online:

  • WikiLeaks Founder Released After US Deal: Departs for Australia
  • New Android Malware Threatens 3.9 Billion Devices
  • Chinese Hackers Ramp Up Attacks on Taiwan
  • Sneaky Malware on F5 BIG-IP Steals Data for Years
  • New Firefox Update Locks Stored Passwords Behind Device Authentication

Weak Passwords Exposed: How Hackers Crack Them in Under an Hour

A recent study by Kaspersky, a cybersecurity firm, reveals that many passwords can be cracked in less than an hour. The study used a database of 193 million passwords from the dark web, processed with an Nvidia RTX 4090 GPU.

Kaspersky’s research team tested various algorithms to see how quickly they could crack these hashed and salted passwords. Simple, eight-character passwords made of same-case letters and digits were cracked in as little as 17 seconds. Overall, they cracked 59% of passwords within an hour.

Brute force attacks and improved methods using common patterns were employed. They managed to guess 45% of passwords in under a minute and 73% within a month. However, only 23% of passwords would take over a year to crack.

To protect your accounts, Kaspersky recommends using random, computer-generated passwords. Avoid obvious choices like names or dates, and check whether your passwords have been compromised on sites like Have I Been Pwned. Also, make sure each account has its own unique password.

This study highlights the importance of strong passwords in today’s digital age. Following these tips can help you keep your accounts secure and safeguard your personal information from hackers.

Read: https://www.cysecurity.news/2024/06/many-passwords-can-be-cracked-in-under.html
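The two recommendations above, generating passwords by machine and checking them against breach data, are sketched below as an added example; it is not code from Kaspersky or the linked article. It assumes the Have I Been Pwned range lookup format (send only the first five hex characters of the SHA-1 digest to `https://api.pwnedpasswords.com/range/<prefix>`, receive `SUFFIX:COUNT` lines) and uses a constructed response body, so no network call is made.

```python
import hashlib
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"

def generate_password(length=20, alphabet=ALPHABET):
    """Random password from the OS CSPRNG (secrets), not the random module."""
    return "".join(secrets.choice(alphabet) for _ in range(length))

def entropy_bits(length, alphabet_size):
    """Bits of entropy for a uniformly random password of this shape."""
    return length * math.log2(alphabet_size)

def hibp_range_parts(password):
    """Split the SHA-1 hex digest into the 5-char prefix that is sent to the
    range endpoint and the 35-char suffix that never leaves the machine."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def breach_count(password, range_body):
    """Look for our suffix in a range response of 'SUFFIX:COUNT' lines."""
    _, suffix = hibp_range_parts(password)
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0

def constructed_range_body():
    """Constructed stand-in for a range response: one real suffix (for the
    string 'password') with a made-up count, plus two filler suffixes."""
    _, weak_suffix = hibp_range_parts("password")
    return "\r\n".join([
        "0" * 35 + ":3",
        weak_suffix + ":1000",
        "F" * 35 + ":12",
    ])

if __name__ == "__main__":
    body = constructed_range_body()
    fresh = generate_password()
    print("8 chars, same-case letters + digits:", round(entropy_bits(8, 36), 1), "bits")
    print("20 chars from ALPHABET:", round(entropy_bits(20, len(ALPHABET)), 1), "bits")
    print("'password' seen in sample:", breach_count("password", body))
    print("generated password seen in sample:", breach_count(fresh, body))
```

The entropy figures show why the eight-character same-case-plus-digits passwords in the study fell so quickly compared with a long random string.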


The Biden Administration, during the pandemic, pressured Amazon to hide books critical of vaccines

The House Judiciary Committee and the Subcommittee on the Weaponization of the Federal Government revealed these findings.

Amazon, influenced by the government, reduced visibility of over 40 titles. Many of these books were critical of vaccines, some written by medical professionals, and others simply reviewed scientific studies.

Documents show the government created a “Do Not Promote” list. Representative Jim Jordan, Judiciary Committee Chair, posted on X (formerly Twitter) that Amazon employees revealed internal emails showing the pressure. “The impetus for this request is criticism from the Biden Administration,” Jordan stated.

Even a children’s book friendly toward the unvaccinated was targeted. Jordan highlighted the administration’s focus on suppressing unfavorable views, rather than addressing misinformation.

This contrasts with the Biden Administration’s accusations that Republicans, like Florida Governor Ron DeSantis, were attempting to ban books. While Republicans focused on sexually explicit content in school libraries, the Biden Administration aimed at censoring adult books critical of vaccines.

Read: https://modernity.news/2024/06/22/biden-admin-asked-amazon-to-hide-vaccine-critical-books-during-the-pandemic/

Rumble CEO Criticizes Google’s Political Content Suppression

Rumble CEO Chris Pavlovski criticized Google for suppressing links to the GOP debate live stream on Rumble. He discussed this with Russell Brand, highlighting Google’s control over search results and political narratives.

Pavlovski pointed out that Google, once known for unbiased search results, now manipulates them. He explained that when users searched for the Rumble-exclusive GOP debate, Google did not show the correct link. Instead, it promoted a “corporate media entity” that did not host the live stream. Pavlovski questioned, “Is that not election interference?”

He further mentioned that Google’s search algorithms favor its own products, like YouTube and Google Maps, creating a “mouse trap” for users and undermining competition. Pavlovski noted, “It’s very difficult for you to go and search something that’s relevant and find Rumble near the top,” and mentioned Rumble’s lawsuit against Google.

Russell Brand observed that YouTube and Google have become “curators of reality,” limiting access to diverse ideas and stories. This behavior restricts what users see and undermines other platforms like Rumble.

Read: https://reclaimthenet.org/rumble-ceo-blasts-googles-suppression-of-political-content

US Bans Kaspersky Over Alleged Ties to Russian Government

The US government banned Kaspersky, a Russian cybersecurity company, from selling its products in the US due to alleged ties to the Russian government. On June 20, 2024, the US Department of Commerce issued a Final Determination to prohibit Kaspersky from operating in the US.

Commerce Secretary Gina Raimondo cited concerns over Kaspersky’s potential influence from Moscow, stating it poses a risk to US infrastructure. She emphasized the need to counter Russia’s ability to gather and misuse American data.

The ban affects Kaspersky’s affiliates, subsidiaries, and resellers. They must stop selling and updating Kaspersky software in the US by September 29, 2024. Those who violate the restrictions will face fines.

The decision follows a thorough investigation by the Bureau of Industry and Security’s Office of Information and Communications Technology and Services (OICTS). They found Kaspersky’s compliance with Russian law could lead to the misuse of sensitive US data. Kaspersky’s software, with its broad access to user information, poses a risk of installing malicious software or withholding updates.

Kaspersky’s US customers include businesses in critical national infrastructure. This ban continues a trend of US actions against Kaspersky, including a 2017 federal directive and a 2022 FCC listing as a national security threat.

Kaspersky plans to fight the ban, denying any activities that threaten US security. They intend to explore “all legally available options” to contest the decision. Meanwhile, the Russian government condemned the ban as “unfair competition.”

Read: https://www.infosecurity-magazine.com/news/us-bans-kaspersky-kremlin-links/

Hospital Red Tape Worsens Cyber Attack Recovery

Ransomware attacks on hospitals are increasingly disrupting medical care. These attacks can disable systems for weeks, forcing hospitals to cancel surgeries and appointments and revert to using pen and paper. This chaos is worsened by a bureaucratic requirement for “assurance” letters, which confirm to partners that it’s safe to reconnect after an attack.

These letters, not required by law, are filled with detailed questions about the attack and recovery measures, delaying system restoration. Sean Fitzpatrick, Vice President of External Communications at Ascension, described the process as “arduous” after their attack in May, involving negotiations with numerous vendors.

Shane Thielman, Chief Information Officer at Scripps Health, encountered similar issues during a 2021 ransomware attack, where vendors demanded extra documentation.

Chris Cwalina, Global Head of Cybersecurity at Norton Rose Fulbright, criticized the need for these letters, suggesting that direct communication could expedite recovery.

Experts argue this red tape endangers patients. Hannah Neprash, Associate Professor at the University of Minnesota, linked ransomware disruptions to higher patient mortality. Brett Callow, a threat analyst at Emsisoft, called for streamlined processes to restore hospital operations quickly and safely, emphasizing that “masses of red tape” are detrimental to patient safety.

Read: https://www.wired.com/story/ransomware-health-care-assurance-letters/


Elsewhere Online:

WikiLeaks Founder Released After US Deal: Departs for Australia

Read: https://www.zerohedge.com/geopolitical/assange-be-freed-doj-agrees-time-served-plea-deal-wikileaks-founder

New Android Malware Threatens 3.9 Billion Devices
Read: https://hackread.com/rafel-rat-puts-3-9-billion-android-devices-at-risk/

Chinese Hackers Ramp Up Attacks on Taiwan
Read: https://www.securityweek.com/chinese-hackers-have-stepped-up-attacks-on-taiwanese-organizations-cybersecurity-firm-says/

Sneaky Malware on F5 BIG-IP Steals Data for Years
Read: https://latesthackingnews.com/2024/06/24/malware-campaign-targets-f5-big-ip-appliances-to-steal-data-for-years/

New Firefox Update Locks Stored Passwords Behind Device Authentication
Read: https://latesthackingnews.com/2024/06/24/mozilla-firefox-now-requires-device-lock-to-access-stored-passwords/

Charles Hugh Smith: “Why Are You So Negative?”
Read: https://www.oftwominds.com/blogjun24/negativity6-24.html

If you missed the previous issues, they can be read online here:

