The phrase ‘spray and pray’ likely came from the military, used to describe inaccurately firing automatic weapons in the hope that one shot eventually found its mark. It’s now used to describe any scenario where a strategy relies on... Read More
Credential-based Attacks
Categories
ALIEN TXTBASE data-dump analysis: Dangerous or junk?
Specops researchers have been digging into the ALIEN TXTBASE data-dump, which was recently merged into the HaveIBeenPwned (HIBP) dataset by Troy Hunt. After some analysis of the over 200 million passwords in this dataset, we estimate about 20 million... Read More
HIBP adds 284M malware-stolen accounts: Takeaways on Telegram & infostealers
Leaked credentials are in high demand on underground marketplaces. A database of stolen credentials is a like a giant box of keys to a hacker. With the use of the right software, they can rapidly try these keys against... Read More
Botnet targets Microsoft accounts with password spraying attack
A huge botnet (network of private computers infected with malware) of 130,000 devices has been targeting Microsoft 365 service accounts across the world. First discovered by SecurityScorecard on February 24th, the botnet appears to be engaged in a mass... Read More
Cyber-attack incident response plan: Responding to a breach
Having an incident response plan is crucial in the wake of a cyber-attack because it provides a structured and systematic approach to managing the crisis. Without a plan, organizations may find themselves scrambling to respond, leading to confusion, delays,... Read More
AI arms race: How AI will be used by cyber-attackers (and defenders)
It’s no surprise that AI’s explosive growth in the last five years has also greatly expanded the need for sophistication and preparation from security threats. While artificial intelligence presents new challenges, machine learning and neural networks also expand security... Read More
Credential-based attacks: Key types, how they work, and defense strategies
Credential-based attacks remain a significant threat to organizations of all sizes. According to the Verizon Data Breach Investigations Report (DBIR), lost or stolen credentials are the most common way for cybercriminals to gain initial access to systems. Google Cloud... Read More
[New research] How well does SHA256 protect against modern password cracking
The Specops research team have previously published data on how long it would take for hackers to brute force hashed user passwords. We set up hardware to test two different algorithms: MD5 hashed passwords and bcrypt hashed passwords. Now,... Read More
TfL forced to manually reset 30K passwords after cyber-attack – is there an easier way?
In early September 2024, Transport for London (TfL) found itself at the epicenter of a sophisticated cyber-attack. As the news broke, the scale of the breach became apparent, leading to operational disruptions and the need for an immediate, robust... Read More
[New research] Are VPN passwords secure? Two million malware-stolen passwords say no.
Today, the Specops research team is publishing new data on VPN passwords that have been stolen by malware. In total, our threat intelligence research team found 2,151,523 VPN passwords that have been compromised by malware over the past year.... Read More