85 million passwords targeted in enterprise network attacks

Researchers have found 85 million new stolen passwords that are currently being used in targeted attacks against company networks. This situation highlights ongoing security issues related to password use. Many people still rely heavily on passwords, even though experts suggest using safer alternatives like passkeys. Many internet users, about 50%, reuse the same password across multiple sites. This practice increases the risk of falling victim to phishing attacks and ransomware. The recent discovery of these passwords comes from Specops, a password protection service. They detected the new compromised passwords through advanced security methods, revealing a troubling trend in password security. Specops analyzed passwords used in attacks on Remote Desktop Protocol (RDP) ports, which many companies use for remote access. They found common passwords like "123456," "Password1," and "P@ssw0rd" being used, showing a lack of awareness about password security. RDP ports are attractive to hackers since they allow remote access to corporate systems. If these ports are not secured, they can be easily targeted using brute-force methods. Attackers may also use known compromised passwords to gain access. To protect against these attacks, Specops recommends several strategies. These include implementing multi-factor authentication for RDP connections, keeping software updated, checking for security misconfigurations, and preventing the use of weak passwords in company systems.