David Ketler

David Ketler is a cybersecurity consultant based in Toronto, Canada with 10+ years of experience in software development and cybersecurity. He writes about password cracking, dark web activity, and password management.

Articles written by David Ketler

May

22

The Reset Gap: How Storm-2949 Weaponized Native Entra ID Features

On 18 May 2026, Microsoft's Threat Intelligence team reported the results of an investigation into a threat actor they have labeled Storm-2949. Similar to the recent Handala attack against US healthcare vendor Stryker, this attack did not hinge on some…
Read More
May

12

How Attackers Use mdxfind to Crack Passwords

Password cracking is relatively straightforward when everything is known. Given a set of hashes and the algorithm behind them, crackers can apply tools like Hashcat effectively. But Hashcat assumes that an attacker or researcher already knows what they’re dealing with,…
Read More
May

07

IGN Twitch Hack: How Leaked Restream.io Credentials Hijacked a Major Media Channel

On 2 May 2026, gaming media giant IGN was hacked in a way that should worry every organization relying on third-party streaming services. At approximately 22:15, an unauthorized livestream went live on IGN's official Twitch channel. Viewers reported it to…
Read More
Apr

07

Houston, We Have a Password Problem: How Global Events Drive Weak Credentials

Major global events don’t just capture attention, they influence behavior, including how users create passwords. This behavior is not new. Major sporting events like the FIFA World Cup, and seasonal celebrations such as Valentine’s Day and Christmas consistently drive the…
Read More
Mar

30

Do AI GPUs Make Password Cracking Faster? Testing Nvidia H200 and AMD MI300X

The technology world is currently obsessed with Artificial Intelligence (AI) compute. Demand for GPUs has surged, prices for memory and semiconductor capacity have risen, and manufacturers are racing to build increasingly powerful AI accelerators such as Nvidia’s H200 and AMD’s…
Read More
Mar

27

Stryker Cyber-Attack: What we Know so Far About the Remote Wipe Attack

On March 11, 2026, the Iranian hacktivist group Handala Hack Team claimed responsibility for a cyber-attack against the American healthcare technology company Stryker. According to public reporting, the attackers claimed to have impacted more than 200,000 systems and exfiltrated approximately…
Read More
Mar

09

Identity Drift in AD and Entra ID: The Risk After a Password Change

Password resets are often treated as a clean break. A leaked credential is discovered, the password is changed, and risk is assumed to be contained. In hybrid Active Directory (AD) environments that assumption is dangerous. When AD operates alongside Microsoft…
Read More
Mar

05

Are Rainbow Tables Still Relevant in 2026?

In early 2026, Mandiant released a massive 8.6TB of Net-NTLMv1 rainbow tables. If you’re not familiar with the term, rainbow tables are precomputed hash lookup tables, “cheat sheets” that allow attackers to reverse unsalted hashes far faster than brute force…
Read More
Mar

02

Marquis Sues SonicWall: What the Lawsuit Reveals About MFA Recovery Risks

On Monday, February 23, 2026, fintech provider Marquis Software Solutions Inc. filed a lawsuit against SonicWall in the U.S. District Court for the Eastern District of Texas. The legal action follows a 2025 cybersecurity incident where Marquis alleges that a…
Read More
Feb

16

How Attackers use Targeted Wordlists in Password Cracking

Cyber-attacks are often framed as highly sophisticated and increasingly driven by artificial intelligence (AI). But, in practice, many successful attacks are far more basic. Weak passwords and predictable human behavior continue to provide attackers with reliable opportunities to gain unauthorized…
Read More