A U.S. State Government organization’s network was recently compromised through a former employee's administrator account. The organization itself is unnamed, but we know that the threat actor successfully authenticated into an internal virtual private network (VPN) access point using... Read More
Password Policy Management
Why security and awareness training won’t fix bad password habits
Organizations know their end users represent a cybersecurity risk. They make mistakes, they’re targeted by hackers, and sometimes they’ll even act maliciously against their employer. Security and awareness training is an attempt to reduce this risk by creating a... Read More
Holiday season cyber threats: Is your service desk prepared?
Cybercriminals strategically time their attacks for when cyber defenses are most vulnerable. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have noticed a significant increase in ransomware attacks against US companies during holidays and weekends.... Read More
How to force password changes at next logon in Entra ID (formerly Azure AD)
Entra ID (formerly Azure AD) is the central component for identity and access management in Microsoft Azure, and by extension, Microsoft 365. Managing users and passwords for organization accounts requires understanding how Entra ID (formerly Azure AD) handles password... Read More
Aligning password policies with cybersecurity KPIs
As an IT pro, you’re tasked with measuring (and ultimately proving) the value of your cybersecurity investments. But how do you show that your security efforts and expenditures have the desired effect? One way is by aligning your cybersecurity... Read More
Password reuse: A hidden danger you can’t ignore
Reusing passwords is common, despite years of warnings to end users. It’s a problem that’s difficult for IT teams to get a handle on, especially if people are reusing work passwords at home. This means a breach elsewhere can... Read More
Enable Microsoft Entra Password Protection (formerly Azure AD Password Protection) in a hybrid environment
With default Active Directory password policies, many organizations find that users create weak, easily guessed, or incremental passwords that attackers can easily compromise. Using Microsoft Entra Password Protection (formerly Azure AD Password Protection), organizations can have an additional layer... Read More
Useful PowerShell commands for managing Active Directory password policies
Managing password policies in Active Directory is an essential task for a system administrator managing AD DS environments. Password policies help to enforce password policy best practices so passwords are not easily guessed or compromised. Managing and configuring password... Read More
Thinking about going passwordless? Here’s what to consider first.
In 2004, Bill Gates made a bold prediction that passwords would soon be dead. Almost twenty years later, the password is pretty much as prevalent as ever. If you’re here, it’s a question that’s probably crossed your mind too:... Read More
These Fortune 500 Companies Show Up Most Often in Compromised Password Data
Today, the Specops research team is sharing the results of their latest findings on the use of Fortune 500 company names in compromised passwords. The release of these findings coincides with the latest addition of over 33.9 million compromised... Read More