When you look at many of the high-profile breaches that have taken place in recent years, many of them had a common denominator – weak or compromised passwords. Weak passwords are easily compromised and can lead to significant breach... Read More
Credential-based Attacks
Categories
Common ransomware attack types: How they work & tips for prevention
Think of ransomware attacks as a form of digital kidnapping. Cybercriminals use encryption to lock you out of your files or devices, effectively holding them hostage until a ransom is paid. Like traditional kidnappers, their primary motive is financial... Read More
Ransomware Prevention Best Practices
A thriving industry of holding data hostage has emerged out of the malicious software known as ransomware. The FBI’s Internet Crime Complaint Center (IC3) states in its Internet Crime Report for 2020 that it received a record number of... Read More
Nvidia leak shows weak passwords in use [new data]
Cyber-criminal group LAPSUS$ claimed GPU manufacturer Nvidia as one of its latest breach victims at the end of February. The news of the breach made headlines in the past few weeks, including details that employee passwords were leaked. The... Read More
Corporate Account Takeover: How it works & tips for prevention
Corporate account takeover (CATO) is a growing threat that allows cybercriminals to gain unauthorized access to business accounts, leading to financial fraud, data breaches, and operational disruptions. Attackers use tactics such as phishing, credential stuffing, and malware to compromise... Read More
Securing ADFS against password spraying attacks
Stolen account passwords provide the “path of least resistance” into a victim network for an attacker. Once compromised credentials are obtained, the attacker can easily access business-critical systems with little effort. Active Directory Federation Service (ADFS) is a solution... Read More
Protecting Your Organization Against the Nobelium Attacks
The UK’s National Cyber Security Centre has recently issued guidance to organizations in response to a series of attacks. This guidance was released following a notification in which Microsoft indicated that it had identified new activity tied to an... Read More
Top 5 Hacker Groups and their Attacks
One of the frightening cybersecurity risks for businesses today is undoubtedly ransomware. It doesn’t discriminate and leaves in its wake encrypted, unreadable files, threats of data leaks, and often millions of dollars in damages. Moreover, large-scale and sophisticated ransomware... Read More
Block These Recently Leaked VPN Passwords to Prevent Ransomware Attacks [new data]
Worried about ransomware attacks? Recent attack news indicates you should be looking to secure your VPN connections. Last week, we learned that thousands of Fortinet VPN passwords had been leaked on the dark web by a former ransomware operator.... Read More
Defending Your Network from RockYou2021
In June 2021, a large data dump was posted to a popular internet hacking forum. This dataset was termed “rockyou2021,” named after the popular password brute-force wordlist known as Rockyou.txt. Media and Twitter alike were abuzz with what to... Read More