Credential harvesting represents a serious threat to organizations of all kinds – particularly in today’s digital landscape, where virtually every enterprise depends on user credentials for access and security. According to IBM’s 2025 Threat Intelligence Index, nearly a third... Read More
Blog
[New research] FTP ports under attack: Which passwords are hackers using?
The Specops research team has analyzed passwords being used to attack FTP ports over the past 30 days, in live attacks happening against real networks. Our team have found the most common passwords being used in brute force attacks,... Read More
DragonForce: Inside the Ransomware-as-a-Service group
The popularity of Software-as-a-Service (SaaS) has exploded over the past decade. The benefits for organizations are obvious – SaaS is scalable, cost-effective, and doesn’t need complex installation or maintenance. Gartner expects global spending on SaaS to reach $3 billion... Read More
Scattered Spider service desk attacks: How to defend your organization
Scattered Spider is a disparate hacking collective that has surged to prominence by using sophisticated social engineering tactics. One of their key tactics is exploiting people – specifically, corporate service desks. They’ve recently hit the headlines by allegedly duping... Read More
M&S ransomware hack: Active Directory & Service Desk security lessons
M&S (Marks and Spencers) are a cornerstone of British retail with over 64,000 employees – so it was a shock for many to see them laid low by a ransomware attack in April 2025. The retail giant fell victim... Read More
Could the Spain and Portugal blackout have been a cyber-attack?
‘Cyber-attack’ was the phrase on many people’s minds when large parts of Spain and Portugal were recently plunged into a blackout. Authorities are investigating the root cause, with early reports suggesting a technical malfunction caused by a ‘rare atmospheric... Read More
Passkeys: Benefits, limitations, and will they replace passwords?
Major tech companies like Apple, Google, and Microsoft are actively supporting passkeys, and many popular websites and apps are beginning to adopt them. According to the FIDO Alliance, more than one billion people worldwide have now created at least... Read More
Behavioral biometric authentication: Could it replace passwords?
Most people are pretty familiar with biometrics at this point. You scan your thumbprint, iris, or face as a way of identifying yourself and accessing a device or application. It’s a simple but effective way to add an extra... Read More
Password spraying: Attack guide and prevention tips
The phrase ‘spray and pray’ likely came from the military, used to describe inaccurately firing automatic weapons in the hope that one shot eventually found its mark. It’s now used to describe any scenario where a strategy relies on... Read More
AI vishing: Mastering the art of voice deception
Picture an Italian entrepreneur receiving a phone call from their country’s Defense Minister, Guido Crosetto. The politician has an important but challenging ask – he needs the wealthy individual to wire around €1 million to a Hong Kong-based bank... Read More