Cybersecurity focus: Strong passwords key to privacy and data protection
Executives, analysts and cybersecurity specialists said key strategies must include implementing strong encryption to safeguard sensitive information, using MFA to enhance access security, and conducting regular security audits to identify vulnerabilities.
While referring to recent reports of a "16 billion password leak" that have sparked widespread concern, experts said businesses and commercial organisations should also educate employees on phishing and social engineering threats, promoting a culture of cybersecurity awareness.
'Utilising firewalls and antivirus software helps defend against malware and unauthorised access while regular software updates and patch management are crucial to address vulnerabilities,' according to cybersecurity specialists.
Go for Strong Password
Ezzeldin Hussein, Regional Senior Director, Solution Engineering, META, SentinelOne, said a strong password is the subscriber's first barrier—don't let it be the weakest link.
'While this recent leak aggregates old data, the danger remains current. Cybercriminals don't need new breaches when billions of credentials are still valid and reused. These massive compilations fuel phishing campaigns, credential stuffing, and identity-based attacks at scale,' Hussein told BTR.
"Passwords remain the first line of defence in cybersecurity, yet weak or reused credentials continue to be the leading cause of breaches worldwide. As cyber threats grow more advanced, relying on simple passwords is no longer enough — strong authentication practices are essential to safeguarding both personal and enterprise data."
"A password is more than just a key — it's the gateway to your digital identity. Strengthen it, protect it, and complement it with multi-factor authentication. Let this be a reminder — not just on World Password Day, but every day — that cyber hygiene begins with small but critical habits: changing default passwords, avoiding reuse, using password managers, and staying alert to phishing threats."
"Ultimately, the path forward is clear: we must shift toward passwordless authentication through biometrics, passkeys, and zero-trust identity models. A secure password is the first step toward a more resilient digital future. It's not just a personal responsibility; it's a shared mission across users, enterprises, and technology providers.'
Leading media outlets and publications have spent the past few days hyperventilating over reports of a colossal data breach that exposed more than 16 billion credentials. This is considered one of the largest data breaches in history and the records are scattered across 30 different databases including some of the global tech giants such as Apple, Facebook, Google, GitHub, Telegram, and even government platforms.
'Cybercriminals now have unprecedented access to personal credentials and could exploit them for account takeovers, identity theft, and targeted phishing attacks,' according to the report.
In response to the breach, Google has urged billions of users to switch from traditional passwords to more secure passkeys while the cybersecurity experts warned about suspicious SMS links, which could be part of widespread phishing campaigns tied to the stolen data.
Verify Links, Info First
Rob T. Lee, Chief of Research at SANS Institute, advised the web users, businesses and corporate entities to verify the links and information first before taking any action.
'After consulting multiple trusted CTI contacts, we've found no evidence of a fresh 16 billion-record password dump — no raw files or verified feeds have surfaced. This claim follows Forbes' May 17 article on '19 billion stolen passwords,' which similarly lacked source attribution and clarity on whether these figures overlap.'
He said the report's cited password-manager vendor, Keeper Security, isn't named as the origin of the data and makes no reference to any breach on its own website.
'Independent of the exact breach size, enabling multi-factor authentication blocks over 90% of account-takeover attempts. Our recommendation to all organizations and end users is simple: verify before you panic and implement 2FA today.'
Update Passwords Regularly
Peter Mackenzie, Director of Incident Response and Readiness, Sophos, said it is an important reminder to everyone to take proactive steps to update passwords, use a password manager and employ multi-factor authentication to avoid credential issues in the future.
'While you'd be right to be startled at the huge volume of data exposed in this leak it's important to note that there is no new threat here, this data will have already likely have been in circulation. These data sets are an amalgamation of information. What we are understanding is the depth of information available to cyber criminals. If you are concerned about your data being involved then using a service like https://haveibeenpwned.com/ can help you to check.'
Bernard Montel, Technical Director and Security Strategist - EMEA, Tenable, said data breach is a serious matter and everyone should protect its privacy through effective cybersecurity measures.
'Firstly, this is not a new data breach. It's the result of threat actors' use of infostealer malware that has silently scraped usernames and passwords during breaches. This data has been bundled, traded, and resurfaced across underground forums. That said, it's no less concerning,' Montel told BTR.
'Periodically we see this type of database surface, demonstrating that hackers have access to our online identities. Using scripts [a small program written in a programming language — such as Python, JavaScript, or Bash - that tells a computer step-by-step to do something] threat actors can trawl this treasure trove of information looking for patterns in passwords, but also credential reuse across multiple accounts. The latter is akin to a master key as it suggests the same combination will open multiple doors.'
As far as organisations are concerned, he said it's about understanding that this is a potential risk if these records correlate with over-privileged identities. Identities are the new perimeter given that compromised identities are at the center of nearly every successful cyberattack.
"Organisations must adopt an identity-first approach, that continuously validates permissions and access to prevent identity-based attacks before they occur," Montel said.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Zawya
2 hours ago
- Zawya
Huawei named a leader in the Gartner Magic Quadrant for container management
Gartner released the Magic Quadrant for Container Management 2025, positioning Huawei in the Leaders quadrant. This recognition is attributed to Huawei Cloud's deep expertise and strategic investments in Cloud Native 2.0. Huawei Cloud has been at the forefront, launching several innovative container products like CCE Turbo, CCE Autopilot, Cloud Container Instance (CCI), and the distributed cloud-native service UCS. These products provide the optimal cloud-native infrastructure for managing large-scale, scalable containerized workloads across public clouds, distributed clouds, hybrid clouds, and edge environments. Huawei Cloud is an active open-source contributor and a leader in the cloud-native technology ecosystem. As a long-standing contributor to the Cloud Native Computing Foundation (CNCF), Huawei Cloud has participated in 82 CNCF projects, holds over 20 project maintainer seats, and is the only Chinese cloud provider holding a vice-chair position on the CNCF Technical Oversight Committee (TOC). Huawei Cloud has donated several projects to CNCF, including KubeEdge, Karmada, Volcano, and Kuasar, and contributed benchmark projects such as Kmesh, openGemini, and Sermant in 2024. Huawei Cloud offers the most comprehensive container product matrix in the industry, covering public cloud, distributed cloud, hybrid cloud, and edge scenarios. It has been extensively adopted in sectors like Internet, finance, manufacturing, transportation, electricity, and automotive, delivering pervasive cloud-native value. Furthermore, Huawei Cloud container services are actively deployed worldwide. The rapid growth of cloud-native compute power is widely acknowledged by global users and continually supports customers in achieving business success. Starzplay, an OTT platform in the Middle East and Central Asia, leveraged Huawei Cloud CCI to transition to a serverless architecture. This move enabled the platform to handle millions of access requests during the 2024 Cricket World Cup, while also reducing resource costs by 20%. Ninja Van, a leading logistics and express service provider in Singapore, has fully containerized its services using Huawei Cloud CCE. This cloud-native AI service architecture is both agile and efficient, ensuring zero service interruptions during peak hours and improving order processing efficiency by 40%. Chilquinta Energía, one of the three major power companies in Chile, has upgraded its big data platform to a cloud-native architecture using Huawei Cloud CCE Turbo. The new platform boasts a 90% improvement in average performance, propelling Chilquinta toward more intelligent and automated operations. Konga, Nigeria's leading comprehensive e-commerce platform, has fully transitioned to a cloud-native architecture based on CCE Turbo. This agile and flexible approach effectively ensured a smooth shopping experience for its millions of monthly active users. Meitu, a leading visual creation platform in China, leverages CCE and Ascend cloud services to efficiently manage AI computing resources. This supports the deployment and inference of various models and algorithms, ensuring rapid iteration of large-scale training and enabling 200 million monthly active users to share their life moments in real time. In the age of AI, Cloud Native 2.0 has been fully upgraded to incorporate intelligence. Huawei Cloud is building a next-generation AI-native cloud infrastructure powered by advanced AI technologies. In Cloud for AI, CCE AI clusters form the cloud-native infrastructure for CloudMatrix384 supernodes. These clusters offer large-scale supernode topology-aware scheduling, PD separation scaling, AI workload characteristic-aware auto-scaling, and ultra-fast container startups. These features significantly accelerate AI training and inference, enhancing the overall efficiency of AI tasks. AI is also revolutionizing the cloud service experience. Huawei Cloud is committed to integrating AI into its cloud offerings and has introduced CCE Doer. CCE Doer integrates AI agents throughout the container usage process, providing intelligent Q&A, recommendations, and diagnostics. It can diagnose over 200 critical exception scenarios with a root cause accuracy rate exceeding 80%, enabling automated and intelligent container cluster management. Cloud native is rapidly evolving toward serverless. Huawei Cloud offers two serverless container products: serverless Kubernetes cluster CCE Autopilot and serverless container instance CCI, which enable users to focus on application development and accelerate service innovation. The recently launched general-computing-lite and Kunpeng general-computing serverless containers enhance computing cost effectiveness by up to 40%, making them the ideal scaling solution for businesses dealing with tenfold increases in traffic. Huawei Cloud will continue to partner with global operators to advance cloud-native technology innovations and share its successes. This collaboration will drive unprecedented industry transformation, opening up new opportunities for a more inclusive, accessible, and resilient digital society. Source: Gartner, Magic Quadrant for Container Management 2025. Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications contain the opinions of Gartner research and advisory organizations, and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER, MAGIC QUADRANT, and PEER INSIGHTS are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and are used herein with permission. All rights reserved.
Khaleej Times
3 hours ago
- Khaleej Times
Instagram rolls out new location sharing, reels features; security concerns raised
Instagram has launched three new major features — Repost, Instagram Map, and the Friends tab — for its users. The Repost feature will help users share others' content with your own followers and friends. The feature will give credit to the original poster. Stay up to date with the latest news. Follow KT on WhatsApp Channels. Instagram Map The 'Instagram Map' feature is reminiscent of a similar feature on Snapchat. With this option, one can share their last active location with a chosen group of friends. The user can see their locations and content they've posted from interesting places. Also, the feature is designed with safety as a priority — parents of supervised teen accounts will be notified if their child turns on location sharing. "Share locations with friends and see what's happening around you on the Instagram map. And if you're a parent with supervision set up for your teen, you have control over whether they can share their location, and who they're sharing with," said Instagram. When the app rolled out the Map feature, it caused a wave of confusion among users who were worried that their locations would be visible to all their followers. Some users have since been shocked to discover that their location was being shared, viral posts have shown. "Mine was turned on and my home address was showing for all of my followers to see," Instagram user Lindsey Bell wrote in reply to a warning posted by "Bachelor" reality television personality Kelley Flanagan to her 300,000 TikTok followers. "Turned it off immediately once I knew but had me feeling absolutely sick about it." In a TikTok video, Flanagan called Instagram's new location sharing feature "dangerous" and gave step-by-step instructions on how to make sure it is turned off. Instagram chief Adam Mosseri fired off a post on Meta-owned Threads stressing that Instagram location sharing is off by default, meaning users need to opt in for it to be active. "Quick Friend Map clarification, your location will only be shared if you decide to share it, and if you do, it can only be shared with a limited group of people you choose," Mosseri wrote. "To start, location sharing is completely off." The feature was added as a way for friends to better connect with one another, sharing posts from "cool spots," Instagram said in a blog post. Users can be selective regarding who they share locations with, and can turn it off whenever they wish, according to Instagram. Friends tab The Friends tab within Reels helps users see what their friends have liked, commented on, or recommended via Blends. Instagram shared these updates through an official blog post, accompanied by a reel from platform chief Adam Mosseri, where he opened up about the new features in detail. All three features are available in the UAE as of this week. According to Meta, the new features are meant to make the app more community focused, and help people connect with their friends.
Arabian Business
7 hours ago
- Arabian Business
University of Dubai signs agreement with Tech Firm Technology
The University of Dubai (UD) and its Cyber-Security and Applied Resilience (C-SAR) Center have signed a two-year Memorandum of Understanding (MoU) with Tech Firm Technology to partners in the fields of cybersecurity, digital resilience, and innovative technologies. Under the agreement, the two parties intend to jointly promote educational programs, products, and services of both organisations, including C-SAR initiatives. They will implement collaborative research projects in the field of cybersecurity and support students in internships and practical training, including through C-SAR. The partnership also provides for special terms, benefits, and discounts for employees and their families. Dr. Eesa Bastaki, President of the University of Dubai, commented: 'This agreement is an important step in advancing our cybersecurity initiatives and strengthening ties with the industry. Working together with Tech Firm will enable our students and professionals to participate in cutting-edge projects and develop practical skills.' Tech Firm Technology is a Dubai-based technology solutions provider specialising in cybersecurity, digital transformation, and IT infrastructure services. The company partners with government agencies, enterprises, and educational institutions to deliver technology solutions that enhance operational efficiency and resilience. Ahmed Al Zarooni, CEO of Tech Firm Technology LLC, added: 'We are pleased to join forces with the University of Dubai to promote advanced technologies and enhance digital resilience. This partnership will open new opportunities for both the business and academic communities.'
