Chapter
Cybersecurity breach at the World Bank
37:34 - 45:50 (08:15)
Despite the World Bank's wealth, their cybersecurity measures were inadequate, relying solely on user IDs and passwords. When there was a security breach, it was surprising to find the hackers targeting HR, but it was due to obtaining password hashes and the enterprise admin’s password.
Clips
The speaker shares their experience of working late during a cyber attack incident, involving only sleeping a few hours under their desk with a pillow and a blanket they eventually left at work.
37:34 - 38:54 (01:19)
Summary
The speaker shares their experience of working late during a cyber attack incident, involving only sleeping a few hours under their desk with a pillow and a blanket they eventually left at work.
ChapterCybersecurity breach at the World Bank
Episode91: webjedi
PodcastDarknet Diaries
A look into the 2016 World Bank data breach, which resulted in the loss of private employee data, and the questionable security practices that may have contributed to the incident.
38:54 - 42:07 (03:12)
Summary
A look into the 2016 World Bank data breach, which resulted in the loss of private employee data, and the questionable security practices that may have contributed to the incident.
ChapterCybersecurity breach at the World Bank
Episode91: webjedi
PodcastDarknet Diaries
The ability to quickly crack password hashes indicates that enterprise admin passwords are not very strong, leaving networks vulnerable.
42:07 - 44:21 (02:14)
Summary
The ability to quickly crack password hashes indicates that enterprise admin passwords are not very strong, leaving networks vulnerable. Two-factor authentication can provide added security.
ChapterCybersecurity breach at the World Bank
Episode91: webjedi
PodcastDarknet Diaries
Microsoft was called in to conduct an analysis of Active Directory forest management for a bank after a security breach.
44:22 - 45:50 (01:27)
Summary
Microsoft was called in to conduct an analysis of Active Directory forest management for a bank after a security breach. The company developed a security operations center and incident handling playbook to improve overall security.