2025 has been a summer of high-profile breaches. This post will focus on four notable and high-profile victims: Chanel, Google, Air France, and KLM. Although the companies and exact data sets differ, these breaches share a clear pattern: attackers... Read More
News and Research
Categories
MFA failure costs Hamilton $18m in cyber insurance payout
On February 25th, 2024, a sophisticated ransomware attack struck the City of Hamilton, crippling roughly 80 percent of its network. This included business licensing, property-tax processing, and transit-planning systems. Cybercriminals proceeded to demand an $18.5 million ransom that the... Read More
How one weak password destroyed KNP: A sad lesson in the cost of password neglect
Businesses fail all the time, for all sorts of reasons. Especially startups and fledgling ventures. So when a business like Knights of Old (trading as KNP Logistics Group) survives a century and a half, through enough recessions, wars, government... Read More
“Can you reset my password?” How a simple service desk attack cost Clorox $400 million
Last week, cleaning products giant Clorox took the unusual step of suing its IT services partner Cognizant for gross negligence. Clorox are alleging that the August 2023 ransomware attack they suffered came about thanks to an incredibly simple piece... Read More
[New research] Heatmap of 10 million breached passwords: 98.5% are weak
The Specops research team has analyzed 10 million random passwords from the 1 billion+ breached password list used by Specops Password Auditor. These are all real compromised passwords that have been captured by Specops, which you can scan your... Read More
Specops Now Offered Through GuidePoint Security
This new collaboration offers GuidePoint Security customers access to password management and authentication solutions, which protect business data by blocking weak and compromised passwords and securing user authentication. Philadelphia, United States Specops is excited to announce a strategic reseller... Read More
[Analysis] 16 billion passwords leaked – how much is recycled data?
Researchers recently uncovered a (seemingly) unprecedented aggregation of roughly 16 billion username–password pairs. However, there’s been some debate around how much of this is recycled data versus new. Similarly to the Rockyou2024 password list and ALIENTXTBASE data dump, our... Read More
HMRC phishing attack: How stolen credentials enabled tax fraud
His Majesty’s Revenue and Customs (HMRC) recently announced that it has been hit by a sophisticated phishing scam, which resulted in the theft of approximately £47 million ($63.76 million) from over 100,000 taxpayer accounts. The attack took place in... Read More
Introducing Specops Service Desk for Cloud (Entra ID)
The service desk has become a prime target for sophisticated social‐engineering campaigns. It’s never been more important to arm frontline support teams with the tools they need to verify every caller from a potential liability into a confirmed identity.... Read More
DragonForce: Inside the Ransomware-as-a-Service group
The popularity of Software-as-a-Service (SaaS) has exploded over the past decade. The benefits for organizations are obvious – SaaS is scalable, cost-effective, and doesn’t need complex installation or maintenance. Gartner expects global spending on SaaS to reach $3 billion... Read More