M&S (Marks and Spencers) are a cornerstone of British retail with over 64,000 employees – so it was a shock for many to see them laid low by a ransomware attack in April 2025. The retail giant fell victim... Read More
Blog
Categories
Could the Spain and Portugal blackout have been a cyber-attack?
‘Cyber-attack’ was the phrase on many people’s minds when large parts of Spain and Portugal were recently plunged into a blackout. Authorities are investigating the root cause, with early reports suggesting a technical malfunction caused by a ‘rare atmospheric... Read More
Passkeys: Benefits, limitations, and will they replace passwords?
Major tech companies like Apple, Google, and Microsoft are actively supporting passkeys, and many popular websites and apps are beginning to adopt them. According to the FIDO Alliance, more than one billion people worldwide have now created at least... Read More
Behavioral biometric authentication: Could it replace passwords?
Most people are pretty familiar with biometrics at this point. You scan your thumbprint, iris, or face as a way of identifying yourself and accessing a device or application. It’s a simple but effective way to add an extra... Read More
Password spraying: Attack guide and prevention tips
The phrase ‘spray and pray’ likely came from the military, used to describe inaccurately firing automatic weapons in the hope that one shot eventually found its mark. It’s now used to describe any scenario where a strategy relies on... Read More
AI vishing: Mastering the art of voice deception
Picture an Italian entrepreneur receiving a phone call from their country’s Defense Minister, Guido Crosetto. The politician has an important but challenging ask – he needs the wealthy individual to wire around €1 million to a Hong Kong-based bank... Read More
Post-quantum cryptography: Password security in the quantum era
Quantum mechanics is the study of physics at the level of incredibly small things – smaller than atoms. Anyone who’s looked into theories like wave-particle duality and entanglement, knows things can get confusing (and weird) very quickly. But it’s... Read More
ALIEN TXTBASE data-dump analysis: Dangerous or junk?
Specops researchers have been digging into the ALIEN TXTBASE data-dump, which was recently merged into the HaveIBeenPwned (HIBP) dataset by Troy Hunt. After some analysis of the over 200 million passwords in this dataset, we estimate about 20 million... Read More
NYDFS Cybersecurity Regulation: Up-to-date compliance guidance
The stakes are high when it comes to cybersecurity in the financial sector. Financial organizations house a lot of sensitive customer data, including login credentials, personally identifiable information (PII), and banking details. The New York State Department of Financial... Read More
MFA alone isn’t enough: Protect both passwords and the logon
Any system secured behind just a username and password is asking for trouble. Research from Microsoft estimates that over 99% of account takeover attacks can be stopped if the end user has multi-factor authentication (MFA) enabled. MFA is pretty... Read More