This website uses cookies to ensure you get the best experience on our website. Learn more
Articles written by Marcus White
-
Jun
11
Securing the service desk: Interview with an OffSec expert
Securing the service desk has become a priority for many organizations, especially after the spate of social engineering attacks in the UK linked to Scattered Spider. Attackers know the service desk can be an easy way to bypass MFA and…
Read More -
Jun
05
SIM-swap fraud: Scam prevention guide
SIM-swapping is quickly becoming a favorite form of attack for cybercriminals. According to the National Fraud Database, SIM-swap fraud jumped by over 1,000% in 2024. Hackers port a victim’s number onto a rogue SIM, so they can intercept SMS-based two-factor…
Read More -
May
13
[New research] FTP ports under attack: Which passwords are hackers using?
The Specops research team has analyzed passwords being used to attack FTP ports over the past 30 days, in live attacks happening against real networks. Our team have found the most common passwords being used in brute force attacks, as…
Read More -
May
09
DragonForce: Inside the Ransomware-as-a-Service group
The popularity of Software-as-a-Service (SaaS) has exploded over the past decade. The benefits for organizations are obvious – SaaS is scalable, cost-effective, and doesn’t need complex installation or maintenance. Gartner expects global spending on SaaS to reach $3 billion in…
Read More -
May
07
Scattered Spider service desk attacks: How to defend your organization
Scattered Spider is a disparate hacking collective that has surged to prominence by using sophisticated social engineering tactics. One of their key tactics is exploiting people – specifically, corporate service desks. They’ve recently hit the headlines by allegedly duping an…
Read More -
Apr
30
M&S ransomware hack: Active Directory & Service Desk security lessons
M&S (Marks and Spencers) are a cornerstone of British retail with over 64,000 employees – so it was a shock for many to see them laid low by a ransomware attack in April 2025. The retail giant fell victim to…
Read More -
Apr
29
Could the Spain and Portugal blackout have been a cyber-attack?
‘Cyber-attack’ was the phrase on many people’s minds when large parts of Spain and Portugal were recently plunged into a blackout. Authorities are investigating the root cause, with early reports suggesting a technical malfunction caused by a ‘rare atmospheric phenomenon’.…
Read More -
Apr
28
Passkeys: Benefits, limitations, and will they replace passwords?
Major tech companies like Apple, Google, and Microsoft are actively supporting passkeys, and many popular websites and apps are beginning to adopt them. According to the FIDO Alliance, more than one billion people worldwide have now created at least one…
Read More -
Apr
22
Behavioral biometric authentication: Could it replace passwords?
Most people are pretty familiar with biometrics at this point. You scan your thumbprint, iris, or face as a way of identifying yourself and accessing a device or application. It’s a simple but effective way to add an extra security…
Read More -
Apr
15
Password spraying: Attack guide and prevention tips
The phrase ‘spray and pray’ likely came from the military, used to describe inaccurately firing automatic weapons in the hope that one shot eventually found its mark. It’s now used to describe any scenario where a strategy relies on the…
Read More