Skip to main content

Spycloud Blog (Static)

Insights on ATO, the criminal underground, and more

2021 Annual Credential Exposure Report

Surprise: If your password includes a keyword like “covid,” “election,” or “sourdough,” you’re in good company. Find out what else we’ve learned from the 1.5 billion stolen credentials our researchers have recovered over the last year.

Read More

CISO Recipe for Peaceful Sleep

As CISO, your job may keep you up at night worrying about your employees’ and customers’ leaked credentials. There’s plenty to worry about, but you can take proactive steps to find more restful sleep.

Read More

Discord’s Dark (Web) Side

Displaced darknet communities have found a new home on Discord. See what’s being sold and traded – and learn what to do if you happen to come across these activities.

Read More

Breaking Down the SolarWinds Supply Chain Attack

It will be years – maybe decades – before we know the true extent of the fallout from the SolarWinds Orion software supply chain compromise. Based on what we know so far, SpyCloud has broken down the stages of this targeted, identity-based attack.

Read More

The New Identity Crisis

Weak or reused passwords still pose a huge risk factor for account takeover but as newer authentication techniques evolve, criminals are adapting.

Read More

Tips for Strong Passwords

What better occasion than World Password Day to share our top 5 tips for stronger passwords? These practices are the basis of a solid password framework for users and enterprises alike.

Read More

Trends in MFA in a WFH World

Increased adoption of MFA is a good thing for cybersecurity, especially as remote work grows in popularity – and preference – but humans remain the weakest link.

Read More

Unemployment Fraud: Who is Using Your Identity to Collect?

Criminals are using stolen credentials and PII to impersonate unemployed workers, diverting the funds from benefit claims into their own pockets. With $26 billion at risk, we provide recommendations for government agencies, fraud teams, employers and individuals on how to stop the bleed.

Read More

Was It a Breach or Credential Stuffing?

We’ve noticed a trend where media headlines equate data breaches & credential stuffing. The difference is critical for companies like Zoom, Nintendo, and Spotify, who made headlines in 2020 for the wrong reasons & suffered brand damage as a result.

Read More