BEC Attack Prevention
Once attackers have valid credentials, they gain unauthorized access to email accounts, making it much easier to carry out a BEC attack ... Read More
Enhancing AD Security Against Password Spraying Attacks
Active Directory can be exploited through password spraying attacks and compromised credentials. Five Eyes recommends the following controls ... Read More
The Past Month in Stolen Data
Infostealers, Data Breaches, and Credential Stuffing Unquestionably, infostealers still take the top spot as the most prominent source for newly compromised credentials (and potentially other PII as well). Access brokers are buying, selling, trading, collecting, packaging, and distributing the raw logs and collections of the extracted stolen credentials at a ... Read More
Updates on the Compromised Credential Landscape
Recent Trends The surge in infostealer malware has led to an alarming increase in credential compromise, significantly impacting both individuals and organizations. With threat actors exploiting password managers and targeting remote monitoring and management (RMM) tools, it’s crucial to stay informed about these threats. Infostealer Malware Fuels Credential Compromise We’ve ... Read More
Microsoft Entra ID Password Protection in Hybrid Environments
Can Entra ID continually defend against exposed passwords in new data breaches as businesses operate across a hybrid environment? ... Read More
Microsoft Entra ID Password Protection: Overcoming the Limitations
Microsoft Entra ID is one of the tools many organizations rely on to protect their passwords, but is it enough? Understand the limitations ... Read More
Public Sector Compliance: Passwords and Credentials Matter
Helping government agencies and organizations operating in the public sector navigate password and credential security ... Read More
Betting, Gambling, and Sports Betting Sites: The Costs of ATO
The most prevalent and damaging attack plaguing the online betting and gambling industry is fraud stemming from account takeover ... Read More
Harmonizing Security and Usability to Tackle Account Takeover
Account takeover (ATO) has become a significant threat to online platforms and consumers, costing billions annually. With the increasing digitization of services, threat actors have found numerous ways to exploit stolen credentials, resulting in account takeovers across various sectors. The challenge for organizations lies in balancing strong security measures with ... Read More
Navigating Compliance: Password and Credential Security
In today’s digital age, the threat of cyberattacks is growing at an alarming rate. The frequency and impact of these attacks are escalating, prompting governments and industry bodies to introduce a slew of regulations designed to protect sensitive data. However, this has created a complex web of legislation that companies ... Read More
