Stolen credentials remain one of the most common entry points for attackers, according to the Verizon Data Breach Investigations Report. Phishing campaigns, credential stuffing, and other credential-based attacks continue to evolve, targeting both cloud and on-premises systems. To reduce... Read More
Authentication
Categories
[New whitepaper] How to secure your service desk against social engineering attacks
At first glance, these companies couldn’t be more different. A cleaning products giant, an iconic British retailer, a tech behemoth, and Las Vegas entertainment empire. Different industries, different locations, and different business models entirely. Yet they all share something... Read More
Specops expands cloud offering to self-service password resets
Good news for cloud-first organizations: we’re pleased to announce Specops uReset is now joining Specops Secure Service Desk as being supported for customers who have fully migrated to the Entra ID cloud. Specops uReset is now available for cloud-only... Read More
Securing the service desk: Interview with an OffSec expert
Securing the service desk has become a priority for many organizations, especially after the spate of social engineering attacks in the UK linked to Scattered Spider. Attackers know the service desk can be an easy way to bypass MFA... Read More
Passkeys: Benefits, limitations, and will they replace passwords?
Major tech companies like Apple, Google, and Microsoft are actively supporting passkeys, and many popular websites and apps are beginning to adopt them. According to the FIDO Alliance, more than one billion people worldwide have now created at least... Read More
Behavioral biometric authentication: Could it replace passwords?
Most people are pretty familiar with biometrics at this point. You scan your thumbprint, iris, or face as a way of identifying yourself and accessing a device or application. It’s a simple but effective way to add an extra... Read More
MFA alone isn’t enough: Protect both passwords and the logon
Any system secured behind just a username and password is asking for trouble. Research from Microsoft estimates that over 99% of account takeover attacks can be stopped if the end user has multi-factor authentication (MFA) enabled. MFA is pretty... Read More
The future of passwords: Emerging technologies and trends
While some experts keep predicting their demise, the reality is that passwords aren’t going anywhere soon — they remain at the heart of how we secure our digital world. New security tools are emerging, but they’re working alongside passwords, not replacing... Read More
TfL forced to manually reset 30K passwords after cyber-attack – is there an easier way?
In early September 2024, Transport for London (TfL) found itself at the epicenter of a sophisticated cyber-attack. As the news broke, the scale of the breach became apparent, leading to operational disruptions and the need for an immediate, robust... Read More
How to lock down your Active Directory password reset process
Attackers target helpdesks with social engineering attacks to gain unauthorized access to user accounts, which they can use to compromise an environment or launch ransomware attacks. When done effectively, they can bypass MFA and avoid having to verify their... Read More