Marcus White

Deployment

Security

Technical

Marcus is a Specops cybersecurity specialist based in the UK, with 8+ years experience in the tech and cyber sectors. He writes about authentication, password security, password management, and compliance.

Articles written by Marcus White

Jul

28

“Can you reset my password?” How a simple service desk attack cost Clorox $400 million

Last week, cleaning products giant Clorox took the unusual step of suing its IT services partner Cognizant for gross negligence. Clorox are alleging that the August 2023 ransomware attack they suffered came about thanks to an incredibly simple piece of…
Read More
Jul

15

[New research] Heatmap of 10 million breached passwords: 98.5% are weak

The Specops research team has analyzed 10 million random passwords from the 1 billion+ breached password list used by Specops Password Auditor. These are all real compromised passwords that have been captured by Specops, which you can scan your own…
Read More
Jul

11

Hackers’ 5 top password cracking techniques

Cyber-attacks come in many forms and continue to evolve, but there’s one tried and trusted unauthorized entry method that’s stood the test of time – cracking a user’s password. Despite this, too many organizations still rely on outdated advice and…
Read More
Jul

10

NHS cybersecurity experts talk passwords and Specops

NHS organizations have a challenge on their hands when it comes to cybersecurity. They have to defend sprawling, heterogeneous IT environments against relentless cyber‑threats, all while keeping their number one priority in mind: patient care. On a recent Specops webinar,…
Read More
Jun

30

Man-in-the-Middle (MITM) attack guide & defense tips

Imagine you’re overseeing your organization’s network security when suddenly you notice an unusual traffic pattern: packets flowing through a server that shouldn’t be there. What you’re witnessing could be a Man-in-the-Middle (MITM) attack in action, where an adversary stealthily intercepts…
Read More
Jun

24

[Analysis] 16 billion passwords leaked – how much is recycled data?

Researchers recently uncovered a (seemingly) unprecedented aggregation of roughly 16 billion username–password pairs. However, there’s been some debate around how much of this is recycled data versus new. Similarly to the Rockyou2024 password list and ALIENTXTBASE data dump, our own…
Read More
Jun

11

Securing the service desk: Interview with an OffSec expert

Securing the service desk has become a priority for many organizations, especially after the spate of social engineering attacks in the UK linked to Scattered Spider. Attackers know the service desk can be an easy way to bypass MFA and…
Read More
Jun

05

SIM-swap fraud: Scam prevention guide

SIM-swapping is quickly becoming a favorite form of attack for cybercriminals. According to the National Fraud Database, SIM-swap fraud jumped by over 1,000% in 2024. Hackers port a victim’s number onto a rogue SIM, so they can intercept SMS-based two-factor…
Read More
May

13

[New research] FTP ports under attack: Which passwords are hackers using?

The Specops research team has analyzed passwords being used to attack FTP ports over the past 30 days, in live attacks happening against real networks. Our team have found the most common passwords being used in brute force attacks, as…
Read More
May

09

DragonForce: Inside the Ransomware-as-a-Service group

The popularity of Software-as-a-Service (SaaS) has exploded over the past decade. The benefits for organizations are obvious – SaaS is scalable, cost-effective, and doesn’t need complex installation or maintenance. Gartner expects global spending on SaaS to reach $3 billion in…
Read More

Marcus White

Articles written by Marcus White

Free Active Directory Auditing Tool!