Find out how a forgotten admin account with the weak password “123456” exposed McDonald’s AI hiring chatbot for putting user data at risk.| Specops Software
2025 has been a summer of high-profile breaches. This post will focus on four notable and high-profile victims: Chanel, Google, Air France, and KLM. Although the companies and exact data sets differ, these breaches share a clear pattern: attackers compromised third-party CRM / customer-service platforms as part of a wider Salesforce-focused vishing/social engineering campaign. From... The post Third-party risk: Behind the Google, Chanel, & Air France-KLM breaches appeared first on Specops Sof...| Specops Software
On February 25th, 2024, a sophisticated ransomware attack struck the City of Hamilton, crippling roughly 80 percent of its network. This included business licensing, property-tax processing, and transit-planning systems. Cybercriminals proceeded to demand an $18.5 million ransom that the city refused to pay. In April 2025, a new and interesting facet to this story emerged.... The post MFA failure costs Hamilton $18m in cyber insurance payout appeared first on Specops Software.| Specops Software
Businesses fail all the time, for all sorts of reasons. Especially startups and fledgling ventures. So when a business like Knights of Old (trading as KNP Logistics Group) survives a century and a half, through enough recessions, wars, government changes, and technological advances to fill many history books, it would be fair to say it’s... The post How one weak password destroyed KNP: A sad lesson in the cost of password neglect appeared first on Specops Software.| Specops Software
Learn how human error led to a serious ransomware attack against Clorox, and the steps your business can take to avoid the same.| Specops Software
Imagine this. A hacker frantically types code into a (punk sticker-laden, if the movies are accurate) laptop, trying to get around the active firewall that stands between them and access… Read More »They Didn’t Hack Your Firewall. They Logged In| CDInsights
Last week, cleaning products giant Clorox took the unusual step of suing its IT services partner Cognizant for gross negligence. Clorox are alleging that the August 2023 ransomware attack they suffered came about thanks to an incredibly simple piece of human error. According to the complaint, hackers tied to the “Scattered Spider” group simply phoned... The post “Can you reset my password?” How a simple service desk attack cost Clorox $400 million appeared first on Specops Software.| Specops Software - Password Security Tools for Active Directory
Cyber-attacks come in many forms and continue to evolve, but there’s one tried and trusted unauthorized entry method that’s stood the test of time – cracking a user’s password. Despite this, too many organizations still rely on outdated advice and brittle password policies. We’ll run through the five top password cracking techniques hackers use the... The post Hackers’ 5 top password cracking techniques appeared first on Specops Software.| Specops Software - Password Security Tools for Active Directory
Imagine you’re overseeing your organization’s network security when suddenly you notice an unusual traffic pattern: packets flowing through a server that shouldn’t be there. What you’re witnessing could be a Man-in-the-Middle (MITM) attack in action, where an adversary stealthily intercepts and manipulates data between trusted endpoints. We’ll explain what you need to know about MITM... The post Man-in-the-Middle (MITM) attack guide & defense tips appeared first on Specops Software.| Specops Software - Password Security Tools for Active Directory
Understand the cracking techniques hackers use the most, as well as some tips keeping your passwords secure.| Specops Software
Learn how RaaS providers DragonForce operate and how to avoid the initial breaches that lead to ransomware deployment.| Specops Software
Learn how Scattered Spider use social engineering to attack service desks and how you can stay protected. Practical defense tips.| Specops Software
Get the key lessons and takeaways from the M&S ransomware attack to help strengthen your Active Directory and Service Desk security.| Specops Software
Find what Specops researchers learned from analyzing the ALIEN TXTBASE data dump of leaked credentials. Who serious is it?| Specops Software
Learn how the attack played out and get expert advice on staying secure from password spraying attacks.| Specops Software
When credentials are compromised, the risk of a breach is high. Learn practical tips on creating an effective incident response plan.| Specops Software
Learn the most common types of password attacks, how credential-based attacks work, and where you should be bolstering your defenses.| Specops Software