User credentials are golden prizes for attackers. Weak or breached credentials provide an easy target for attackers looking to log in to a network instead of breaking in. Most businesses have caught on to the fact that multi-factor authentication... Read More
News and Research
Categories
Six ways to apply the principle of least privilege to your Active Directory
The principle of least privilege is simple but important: it states that users only have the minimum access necessary to perform their job. For organizations using Active Directory (over 90% of the Fortune 100), this means the minimum necessary... Read More
Business email compromise: Practical ways to reduce your risk
Everyone uses email – you’d struggle to find a business that doesn’t. Unfortunately, for a form of digital communication we’ve been using since the 80s, it’s still very easy for cybercriminals to attack. As a result, email is the... Read More
[New Research] Best Password Practices to Defend Against Modern Cracking Attacks
Today, the Specops research team is publishing new data on how long it takes modern attackers to brute force guess user passwords with the help of newer hardware. This data with the latest addition of over 15 million compromised... Read More
What IT Teams should do about security concerns around the new Google Authenticator sync feature
Recent news of security concerns around a new feature in Google Authenticator may have IT teams wondering if they need to adjust any reliance on the app for authentication within their networks or apps their organizations use. Launched in... Read More
Long Live the Secure Password! Royal themes discovered within compromised password lists
With King Charles III’s coronation this weekend we’ve analyzed our Breached Password Protection list and discovered a royal connection. Around 350 million people are expected to watch May 6th’s historic coronation in the UK so we’re checking to see... Read More
May The Force stay far far away from your AD #StarWarsDay
It’s back and better than ever! We’re celebrating #StarWarsDay with an updated list of the most used Star Wars themed passwords that top the Specops Breached Password Protection list. The Specops Breached Password Protection database includes the HaveIBeenPwned list,... Read More
Stale user accounts report in Active Directory
Stale (inactive) user accounts in Active Directory can provide attackers (and former employees) with an easy path into a corporate network. Even if the stale user account is not a privileged account, it can be used for privilege escalation... Read More
Specops Password Policy 7.9 – Send Mail from Arbiter, Configure AD Sites for Improved Performance & more
Today we’ve released the latest version of our Active Directory password management solution, Specops Password Policy 7.9. In this post, we’ll take a look at what’s new: New: Optionally configure email to send via the Arbiter to help further... Read More
These Fortune 500 Companies Show Up Most Often in Compromised Password Data
Today, the Specops research team is sharing the results of their latest findings on the use of Fortune 500 company names in compromised passwords. The release of these findings coincides with the latest addition of over 33.9 million compromised... Read More