Authored by: PlexTrac Author Posted on: October 17, 2019 How to Prevent a Facebook Hack Once you have mitigated the damage from the Facebook attack, it is time to prevent a recurrence. It’s useful to first understand how your account was “hacked” in the first place. The two most common ways that the attacker gained access to your credentials are: How a Hacker Compromised Your Account 1) You gave them to the attacker. You may have received a malicious message from a “hacked” account belonging to one of your friends, clicked the link, and been deceived by a fake login page. 2) You were using the same username and password combination for your Facebook account that you use on other sites. Your credentials for the other site were compromised, and the attacker simply tried them on Facebook and got lucky. How to Prevent Further Attacks If you unwittingly gave the attacker your credentials (option 1), then the fix to prevent recurrence is easy: Don’t click on links in messages. But since you probably will anyway, at least heed this important rule: Never, ever enter a username and password into a website that appears after you click a link. If your account was compromised because you re-used credentials, consider this a wakeup call to start practicing better cyber hygiene in your life. Get yourself a password vault to facilitate using long, strong and unique passwords for all of your online accounts. You can read all about the goodness of password vaults in my article here: https://www.badgerinfosec.com/blog/do-this-now-password-vaults PlexTrac Author At PlexTrac, we bring together insights from a diverse range of voices. Our blog features contributions from industry experts, ethical hackers, CTOs, influencers, and PlexTrac team members—all sharing valuable perspectives on cybersecurity, pentesting, and risk management.
The Hidden Cost of Siloed Security Data Why visibility, not volume, is the real security advantage Security teams today are overwhelmed by data overload. Vulnerability scanners surface thousands of issues at a time. SIEMs generate a constant stream of alerts. Cloud platforms flag misconfigurations. Penetration tests provide detailed narratives about real-world attack paths. Ticketing systems track remediation. Risk teams maintain registers. Leadership... READ ARTICLE
Why PlexTrac is an ideal fit for midsize enterprise organizations Midsize enterprise (MSE) security leaders are in a uniquely challenging position: they’re expected to reduce risk, show measurable progress, and keep pace with new threats without the staffing, time, or budget of a large enterprise security organization. That’s why choosing the right exposure management platform matters. The best fit usually isn’t the biggest, most robust... READ ARTICLE
Outsourced vs Internal Pentesting Is Not the Decision You Think It Is One of the most common questions I hear from security teams is whether they should outsource pentesting or bring it in house. It is usually framed as a fork in the road. Pick one path and commit. I think that framing is wrong. The real issue is not who runs the pentest. It is whether... READ ARTICLE