Paste

A Paste is information that has been “pasted” to a public facing website designed to share content such as Pastebin. These public forums are frequently used by hackers for their ability to anonymously sharing critical and sensitive information such as password files stolen during hacker breaches.

Have I Been Pwned (HIBP) is a public service website that collects “Pastes” made on many of these public forums (for example this Pastebin and this @dumpmon Twitter account). HIBP collects them into normalized and searchable database for managed security service providers and individuals alike to learn what is publicly “out there” on an email or domain. Finding an email address in a paste does not immediately mean the account has been breached (logged into by someone other than the owner of the account) but rather that it has been exposed.

It is important to know these forums exist and to review and monitor public pastes to determine if your personal or professional accounts have been exposed. Once an account has been exposed, review what was found and take appropriate action such as changing your password.

Not everything on “Paste” sites are damaging hacker dumps. Often they are used for sharing development code too. Developers post their code for solving specific problems.  Other developers search “Pastes” for tools needed to solve their development problems. The following are some common popular pastes uses:

  • paste users share text files instead of applications like Google Docs/Dropbox
  • Twitter users share updates longer than 140 characters using pastes
  • Uploading source code for the purpose of sharing or review/collaboration
  • Spam/site promotion
  • Re-publishing text that has been removed from other sites
  • Sharing dark web links
  • Publicizing breached data and other sensitive information (passwords, social media profiles and much much more)

Source: Echosec, HIBP

Related Terms: Hackers

What does this mean for an SMB?

There is always something that can be done to reduce the chances of falling victim to cyber attacks. Preventing your sensitive data from exposure on dark web paste sites is not possible, but there are some proactive steps you can take. Account security can be improved by monitoring for dark web exposures and having a repeatable response process of notification of end users to change passwords for example.

Companies should adopt the following measures as well:
 
Tip #1: ENABLE TWO-FACTOR AUTHENTICATION ON all CRITICAL ACCOUNTS

The very best action one can take to protect any online account is to enable two-factor authentication (2FA).  Two factor authentication requires one to use any two of the following three identification factors: 

  1. Something you know – Most often a password for your account.
  2. Something you have – Such as a cell phone with a temporary authentication code.
  3. Something you are – Such as your fingerprint or facial recognition.

Unfortunately, Hackers know that most people don’t set up 2FA into their account as it can delay logging in by a second or two. Additionally, most sites don’t require you set it up. CyberHoot suggests you set it up today for all your personal accounts and if you’re a business owner, demand that your MSP enable it for their support and your users for all Internet enabled services.

Tip #2: LEARN HOW TO USE A PASSWORD MANAGER

One action all cybersecurity professionals recommend is learning how to use a Password Manager. They install right into your web browser and are free for personal use. A Password Manager enables you, over time, to set and use unique passwords on all your online accounts.  This protects you from an account compromise when and if a hacker acquires your password(s) from a public Paste on a dark web forum. HIBP has inventoried more than 10 BILLION exposed accounts in its database. Private and non-public exposed accounts probably number 10x as many (100 Billion).

Password Managers help fight user password fatigue too by remembering and filling in your passwords so you don’t have to remember any of them (except the Master Password to unlock your Password Manager). They store encrypted passwords securely and make them available to you via a web browser plug-in. When you visit a legitimate website, your password manager prompts you to authenticate with the credentials it has stored in its database. 

Surprising benefit #1 of a Password Managers:

They protect you from many forms of phishing attack! If you visit a hacker website accidentally, your password manager will not be fooled into sharing your password with a hacker because the domain name will be different.

Surprising Benefit #2 of Password Managers:

They search the Internet Pastes and report exposed accounts to you without you having to subscribe to some security service.  LastPass for example partners with HIBP to bring public exposed account information to LastPass users immediately upon discovery.  Another surprising benefit of using a password manager.

Business Owners need to improve their cybersecurity protections proactively.  By working with CyberHoot, you’ll learn all about Password Managers, exposed accounts, and much more. Your users will learn these things too.  By becoming more aware of these things, you and your company will become more secure!  Isn’t it about time you gave yourself a fighting chance against these hackers?

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!

How to find your own Exposed Data using a TOR Browser (Warning: Explicit Language)
Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.