Marcus White

Deployment

Security

Technical

Marcus is a Specops cybersecurity specialist based in the UK, with 8+ years experience in the tech and cyber sectors. He writes about authentication, password security, password management, and compliance.

Articles written by Marcus White

Mar

27

ALIEN TXTBASE data-dump analysis: Dangerous or junk?

Specops researchers have been digging into the ALIEN TXTBASE data-dump, which was recently merged into the HaveIBeenPwned (HIBP) dataset by Troy Hunt. After some analysis of the over 200 million passwords in this dataset, we estimate about 20 million are…
Read More
Mar

26

NYDFS Cybersecurity Regulation: Up-to-date compliance guidance

The stakes are high when it comes to cybersecurity in the financial sector. Financial organizations house a lot of sensitive customer data, including login credentials, personally identifiable information (PII), and banking details. The New York State Department of Financial Services…
Read More
Mar

24

MFA alone isn’t enough: Protect both passwords and the logon

Any system secured behind just a username and password is asking for trouble. Research from Microsoft estimates that over 99% of account takeover attacks can be stopped if the end user has multi-factor authentication (MFA) enabled. MFA is pretty much…
Read More
Mar

18

[New research] Which passwords are attackers using against RDP ports right now?

The Specops research team has been analyzing 15 million passwords being used to attack RDP ports, in live attacks happening against networks right now. Our team have found the ten most common passwords attackers are using and analyzed their wordlists…
Read More
Mar

06

How cyber-realistic is Netflix’s Zero Day thriller?

The idea of an entire country being shut down by cyberattack is a scary thought. In Netflix’s recent thriller ‘Zero Day’, this is the reality faced by former president (played by Robert de Niro). To find out how realistic Zero…
Read More
Mar

05

HIBP adds 284M malware-stolen accounts: Takeaways on Telegram & infostealers

Leaked credentials are in high demand on underground marketplaces. A database of stolen credentials is a like a giant box of keys to a hacker. With the use of the right software, they can rapidly try these keys against user…
Read More
Mar

04

Introducing MFA for Windows Logon, RDP or VPN with Specops Secure Access

We’re excited to introduce Specops Secure Access: Multi-Factor Authentication (MFA) for Windows logon, RDP, and VPN — a powerful new way to add an extra layer of protection to your organization’s authentication process. By implementing MFA at key access points,…
Read More
Feb

27

Botnet targets Microsoft accounts with password spraying attack

A huge botnet (network of private computers infected with malware) of 130,000 devices has been targeting Microsoft 365 service accounts across the world. First discovered by SecurityScorecard on February 24th, the botnet appears to be engaged in a mass password…
Read More
Feb

24

HIPAA password requirements: Best practices for compliance

The digital transformation of healthcare has brought plenty of benefits, but it’s also introduced new challenges in protecting patient information. The Health Insurance Portability and Accountability Act (HIPAA) plays a critical role in ensuring that medical data remains secure. One…
Read More
Feb

24

Navigating HIPAA cybersecurity requirements: A guide for healthcare providers

Healthcare data is a prime target for hackers. It often includes personal identifying information (PII), medical records, insurance details, and financial information, which can be used for identity theft, insurance fraud, and other malicious activities. The high value of this…
Read More