User credentials are golden prizes for attackers. Weak or breached credentials provide an easy target for attackers looking to log in to a network instead of breaking in. Most businesses have caught on to the fact that multi-factor authentication... Read More
Blog
Categories
Six ways to apply the principle of least privilege to your Active Directory
The principle of least privilege is simple but important: it states that users only have the minimum access necessary to perform their job. For organizations using Active Directory (over 90% of the Fortune 100), this means the minimum necessary... Read More
Business email compromise: Practical ways to reduce your risk
Everyone uses email – you’d struggle to find a business that doesn’t. Unfortunately, for a form of digital communication we’ve been using since the 80s, it’s still very easy for cybercriminals to attack. As a result, email is the... Read More
[New Research] How hard is the MD5 hashing algorithm to crack?
The Specops research team is publishing new data on how long it takes attackers to brute force guess user passwords with the help of newer hardware. They’ve been specifically looking at passwords protected by the popular MD5 hashing algorithm.... Read More
What IT Teams should do about security concerns around the new Google Authenticator sync feature
Recent news of security concerns around a new feature in Google Authenticator may have IT teams wondering if they need to adjust any reliance on the app for authentication within their networks or apps their organizations use. Launched in... Read More
Long Live the Secure Password! Royal themes discovered within compromised password lists
With King Charles III’s coronation this weekend we’ve analyzed our Breached Password Protection list and discovered a royal connection. Around 350 million people are expected to watch May 6th’s historic coronation in the UK so we’re checking to see... Read More
May The Force stay far far away from your AD #StarWarsDay
It’s back and better than ever! We’re celebrating #StarWarsDay with an updated list of the most used Star Wars themed passwords that top the Specops Breached Password Protection list. The Specops Breached Password Protection database includes the HaveIBeenPwned list,... Read More
Cyber insurance requirements for Active Directory
If you’ve noticed that your organization’s cyber insurance premiums have increased over the last year, you’re not alone. With evolving cyber threats, the rise in ransomware attacks, and the ubiquity of hybrid and remote workforces, insurers are responding by... Read More
Stale user accounts report in Active Directory
Stale (inactive) user accounts in Active Directory can provide attackers (and former employees) with an easy path into a corporate network. Even if the stale user account is not a privileged account, it can be used for privilege escalation... Read More
Specops Password Policy 7.9 – Send Mail from Arbiter, Configure AD Sites for Improved Performance & more
Today we’ve released the latest version of our Active Directory password management solution, Specops Password Policy 7.9. In this post, we’ll take a look at what’s new: New: Optionally configure email to send via the Arbiter to help further... Read More