M&S (Marks and Spencers) are a cornerstone of British retail with over 64,000 employees – so it was a shock for many to see them laid low by a ransomware attack in April 2025. The retail giant fell victim... Read More
Credential-based Attacks
Password spraying: Attack guide and prevention tips
The phrase ‘spray and pray’ likely came from the military, used to describe inaccurately firing automatic weapons in the hope that one shot eventually found its mark. It’s now used to describe any scenario where a strategy relies on... Read More
AI vishing: Mastering the art of voice deception
Picture an Italian entrepreneur receiving a phone call from their country’s Defense Minister, Guido Crosetto. The politician has an important but challenging ask – he needs the wealthy individual to wire around €1 million to a Hong Kong-based bank... Read More
ALIEN TXTBASE data-dump analysis: Dangerous or junk?
Specops researchers have been digging into the ALIEN TXTBASE data-dump, which was recently merged into the HaveIBeenPwned (HIBP) dataset by Troy Hunt. After some analysis of the over 200 million passwords in this dataset, we estimate about 20 million... Read More
HIBP adds 284M malware-stolen accounts: Takeaways on Telegram & infostealers
Leaked credentials are in high demand on underground marketplaces. A database of stolen credentials is a like a giant box of keys to a hacker. With the use of the right software, they can rapidly try these keys against... Read More
Botnet targets Microsoft accounts with password spraying attack
A huge botnet (network of private computers infected with malware) of 130,000 devices has been targeting Microsoft 365 service accounts across the world. First discovered by SecurityScorecard on February 24th, the botnet appears to be engaged in a mass... Read More
Cyber-attack incident response plan: Responding to a breach
Having an incident response plan is crucial in the wake of a cyber-attack because it provides a structured and systematic approach to managing the crisis. Without a plan, organizations may find themselves scrambling to respond, leading to confusion, delays,... Read More
AI arms race: How AI will be used by cyber-attackers (and defenders)
It’s no surprise that AI’s explosive growth in the last five years has also greatly expanded the need for sophistication and preparation from security threats. While artificial intelligence presents new challenges, machine learning and neural networks also expand security... Read More
Credential-based attacks: Key types, how they work, and defense strategies
Credential-based attacks remain a significant threat to organizations of all sizes. According to the Verizon Data Breach Investigations Report (DBIR), lost or stolen credentials are the most common way for cybercriminals to gain initial access to systems. Google Cloud... Read More
[New research] How well does SHA256 protect against modern password cracking
The Specops research team have previously published data on how long it would take for hackers to brute force hashed user passwords. We set up hardware to test two different algorithms: MD5 hashed passwords and bcrypt hashed passwords. Now,... Read More