TuesdayTool 17: ProxyNova Part 1

Introduction

Data breaches have become a normal occurrence in the digital world today. A data breach is the unauthorized exposure, disclosure, or loss of personal identifiable information”. Personal identifiable information (PII) ranges from first name, address, phone number, gender, etc. They are information that can be used to identify a person. Threat actors have a variety of motives, from financial gain to political activism, political repression, and espionage. Once a threat actor gets a hold of an organization's details, the next public action is to showcase what they have on the victim organization. This usually includes clients and staff details. How then can you discover if you are part of any breach? This short article provides such insight.

Different tools can assist in determining if your data is part of a data breach or not, some of them are:

1. HaveIbeenpwned: Click here to get started. Insert your email address and wait for the result. It either displays “You have been pwned” or “ You have not been pwned”.
2. Haveibeenbreach: this site boasts over 870k email addresses in its database. Insert your email address and wait for the result. Click here to get started.
3. WhatismyIPaddress: Many cybersecurity enthusiasts and professionals will be surprised to see WhatIsMyIPaddress on the list. Yes, I know you must have used it for IP address-related queries but you can use it to detect if you have been breached. Click here to get started
4. LeakPeek: another site to check whether your details are public or not. Click here to get started.

The list continues but this week, I found a new web application that offers more than a data breach check. This web application is called ProxyNova!

ProxyNova leaked password search page

ProxyNova Features

ProxyNova is a multi-tool that provides a lot more than data breach checks. We will explore ProxyNova in a series, so take this as the first series.

ProxyNova provides the password to match the inserted username and email address. The portal reveals if you have been breached or not and provides an associated password.

How to use ProxyNova

1. Click the link
2. Insert username or email address
3. Click search

It should return a result page, check if it is yours as it provides context to the service whose password has been breached.

Conclusion

After checking, and found to be a victim, what next? Do the following

1. Change your password: develop the habit of changing your password regularly
2. Use a password manager to manage all passwords and keep the master password (the password to your password manager safe)
3. Enable 2-factor authentication. Never leave any of your account on the first level of security which is username and password. Ensure you have additional security measures such as One Time Password (OTP), preferably using an authenticator application as Google authenticator or Microsoft authenticator as against the popular SMS authentication process

Till I come your way again next week Tuesday, #BeCyberSmart

Cyberliza writes TuesdayTool