He has helped organizations of various sizes to improve their security against cyber threats. His licenses and certifications include GIAC Web Application Penetration Tester, GIAC Certified Penetration Tester (GPEN), Certified Information Systems Security Professional (CISSP), and Certified Ethical Hacker, among others.

Stay tuned for more of Davin’s videos so you can be informed and keep your organization safe!

The post Video: Meet Our Cybersecurity Expert, Davin Jackson appeared first on eSecurity Planet.

In this video, we explore the alarming details surrounding the largest data breach ever, which has exposed an astonishing 2.9 billion records linked to the National Public Data (NPD) breach. This event has compromised sensitive information for nearly half of the global population, including Social Security numbers and personal family details, raising significant concerns about data security and individual safety. We examine how this breach remained undetected for so long and the reasons victims were not notified in time. With the hacker group USDoD claiming responsibility and offering this extensive database for $3.5 million on the dark web, we stress the urgent need for stronger data protection measures. Join us as we discuss actionable steps individuals and organizations can take to enhance their security in light of growing cyber threats.

Transcript

2.9 billion records — nearly half the world’s population — have just been compromised in one of the largest data breaches in history. How safe is your information?

I’m Justin Fraction for eSecurity Planet, and let’s get into it. 

The National Public Data (NPD) breach sent shockwaves across the globe, exposing sensitive data on a scale we’ve never seen before. This isn’t just another breach.

NPD is a company that specializes in background checks, pulling data from public records, court documents, and more. 

This breach not only exposed Social Security numbers and addresses but also detailed information about family members. It’s part of a larger trend of increasing cyber threats targeting our most personal data.

The breach occurred around April 2024, but what’s shocking is how it stayed under the radar. 

The NPD breach serves as a stark reminder: Your personal data is a valuable target, and protecting it is more critical than ever. Stay informed, stay secure, and don’t let your guard down.

If this video has made you question your data security, now’s the time to take action. Check out our website, eSecurity Planet, to find out how to protect yourself online and make sure you’re doing everything you can to stay safe. 

Also, take a look in the description down below for some eSecurity packages that we believe will help you to stay safe.

And before you go, drop a comment down below — how has this breach changed the way you think about your digital life? 

Let’s keep this conversation going because the best way to protect ourselves is by staying informed. Don’t forget to like, subscribe, and hit the notification bell to stay updated on the latest in cybersecurity. And don’t forget to tune in here for new videos on eSecurity Planet. Hi, it’s our first video on this channel! We’ll keep them going — see you next time.

Learn more in our data loss prevention ultimate guide, including its importance, key steps and best practices, and top providers that can help you keep your data safe.

The post Video: 2.9 Billion Records Compromised in NPD Breach – Recap appeared first on eSecurity Planet.

Discover the actions you can take to protect your online presence from cybersecurity threats in this video. We’ll explore the details of current vulnerabilities, their potential impact on your website, and the crucial steps you should implement to safeguard your data. We start with a critical WordPress vulnerability that threatens millions of sites, followed by configuration issues with AWS Application Load Balancer and the urgent need to upgrade Chrome. Additionally, we’ll discuss a new SolarWinds Web Help Desk flaw, CISA’s addition of the Versa Director vulnerability to its catalog, and double RCE vulnerabilities affecting the GPS tracking tool Traccar. Whether you’re a website owner, developer, or simply interested in security, this video is a must-watch. Be sure to subscribe for more updates and best practices to stay secure!

To read about these vulnerabilities, see our full vulnerability recap. Also check out the top network security threats, including defenses for each one, to make sure you stay protected.

The post Video: Top Cybersecurity Threats That You Need to Fix appeared first on eSecurity Planet.

Cookies play a crucial role in enhancing your online experience, but they can also be exploited by cybercriminals to access sensitive information. In this video, our expert delves into what cookies are and their function in web browsing, explores the techniques hackers use to steal them — such as session hijacking and cross-site scripting (XSS) — and shares effective strategies and tools to protect your cookies and personal data in 2024. Join us to learn how hackers steal your cookies and how you can stay safe online!

Transcript

Cookie theft is a cyberattack where hackers exploit session data stored in cookies, like login credentials, to gain unauthorized access to your accounts.

While cookies are designed for secure session management, they need protection to prevent misuse. In this video, we’ll show you how to stay safe.

I’m Justin Fraction for eSecurity Planet, and today we’ll break down what’s happening and how to protect yourself.

Don’t forget: You can read the full article on eSecurity Planet.

What Are Cookies?

There are two types:

• Session cookies: These disappear when you close your browser.
• Persistent cookies: These stay on your device, saving data like login credentials and preferences.

Cookies track users with unique IDs. First-party cookies store info for one site, while third-party cookies track across sites.

Though cookies themselves don’t steal passwords, they can be hijacked to access sensitive data.

How Does Cookie Stealing Work?

Attackers can steal your cookies through phishing, malware, and MITM attacks, leading to data theft, financial loss, and identity theft.

Let’s take a closer look at the process.

1. Initial Attack Vector

Attackers might send phishing emails or create fake websites. They can also exploit vulnerabilities in websites you visit to install malware that extracts cookies from your browser.

2. Deploy Malware

Once malware is on your device, it can extract sensitive data, including personal information.

3. Man-in-the-Middle (MITM) Attack

On unprotected public Wi-Fi, attackers can intercept communication between your browser and a website, stealing session cookies.

4. Session Hijacking

Attackers can take over your session by collecting cookies. They could even conceal dangerous malware in photos or links on secure websites you visit, and a single click can activate the code, even overcoming multifactor authentication.

5. Exploit Stolen Cookies

Stolen cookies can be sold on the dark web or used for illegal activities like unauthorized transactions or installing additional malware. With stolen cookies, bad actors can commit identity theft, cause financial loss, and access your accounts. They may perform illegal transactions and expose your personal information, such as browsing history, messages, and login details. This can damage your reputation and lead to legal consequences, especially for businesses, who may face fines, lawsuits, and compliance issues.

How Do You Know If You’re Being Targeted?

Detecting cookie theft early is crucial for protecting your accounts and data. Watch for these signs:

• Suspicious account activity, such as unauthorized logins or transactions
• Unexpected password reset notifications
• Unforeseen changes to account settings like email, phone numbers, or credentials
• Repeated logouts, which could indicate session hijacking
• Unusual login notifications or strange network traffic
• Random browser behavior or security software alerts
• Increased spam or phishing messages
• Unidentified devices in your security logs

If you notice any of these, you may be a victim of cookie theft.

How Do You Prevent It?

Use Secure Cookie Flags

Configure cookies with Secure and HttpOnly flags to ensure they’re transferred via HTTPS and inaccessible to client-side scripts, reducing the risk of theft via unencrypted connections or XSS attacks.

Deploy a Firewall

Install a reliable firewall to monitor incoming traffic, flag suspicious requests, and prevent session hijacking attempts.

Utilize SSL/TLS

Secure your website with SSL/TLS certificates to encrypt data between users and servers, making it difficult for attackers to intercept and steal session cookies.

Apply 2FA or MFA

Enhance account security with two-factor or multifactor authentication, making it harder for attackers to access accounts even if cookies are compromised.

Adopt Strong Password Policies

Promote the use of strong, unique passwords and enforce regular password updates.

Update Website Software Regularly

Keep WordPress themes and plugins up to date to fix security flaws that could be exploited to steal cookies.

Train Your Admin & Staff

Educate personnel on the risks of session hijacking and best practices for prevention to foster a security-conscious culture.

Beware of Phishing & Risky Websites

Stay vigilant against phishing attempts and avoid dangerous websites to prevent exposure to cookie-stealing malware.

Clear Your Cache Regularly

Regularly clear your browser’s cache and cookies to remove potentially compromised cookies and minimize the impact of cookie theft.

To recover from cookie theft, website administrators should do a security scan with a program to delete any detected risks.

Then, invalidate active sessions, update passwords and security keys, and then refresh the website software.

End users should change their passwords, clean their browser cache, enable two-factor authentication, monitor their accounts, and update their security settings.

Cookie theft is a serious threat, but with the right knowledge and precautions, you can protect yourself and your data.

We recommend Astra Security, Cynet Security, or ESET as software that can help you stay safe. Check out our links below for more info.

Remember, keeping your software up to date, using strong passwords, enabling two-factor authentication, and staying vigilant against phishing attempts are key steps to safeguarding your online security.

By taking these proactive measures, you can significantly reduce the risk of cookie theft and keep your personal information safe.

Thanks for watching! If you found this video helpful, be sure to give it a thumbs up and subscribe to eSecurity Planet for more tips and updates on staying secure in the digital world. Stay safe out there, and we’ll see you next time.

The post Video: How Hackers Steal Your Cookies & How to Stop Them appeared first on eSecurity Planet.