The Latest from DoD’s Katie Arrington on CMMC – and Next Steps for DIB Suppliers Awaiting CMMC Audits
Recap of the takeaways from Ms. Arrington’s latest keynote + concrete advice from expert panelists on what to do now, before auditing begins.
A Deep Dive into the Verizon 2020 Data Breach Investigations Report
Stolen credentials are the top hacking tactic – for the fourth year running. Examine this + other trends from the 13th edition of the Verizon Data Breach Investigations Report.
Fact vs. Hype: Zoom Credential “Leak” Analysis
The alleged credential “leaks” of Zoom accounts were created using textbook credential stuffing attacks & old compromised 3rd-party databases. See how Zoom responded to what we discovered.
Technical Analysis: Nintendo Account-Checking Crimeware
Since early April, attackers have compromised 160,000 Nintendo accounts. SpyCloud researchers have identified source code for an account checker tool that was custom-built to target Nintendo customers.
Analyzing 136,000 New Domains with COVID-19 Themes
SpyCloud researchers have compiled, enriched, and analyzed a list of over 136,000 hostnames and fully qualified domain names with COVID-19 or coronavirus themes from a variety of publicly-available feeds.
White House Issues Guidance on Remote Worker Security
For employees working from home, how does our new (hopefully) temporary situation introduce risk, including data theft? Password security is more critical than ever.
SpyCloud Research: Breach Exposure of the Fortune 1000
We were able to tie more than 412 million breach assets within the SpyCloud database to employees within the Fortune 1000, providing a snapshot of the breach exposure affecting major enterprises.
PSA: 9 Ways Attackers Are Capitalizing on COVID-19
Cybercriminals are profiting off of coronavirus fears. SpyCloud summarizes 9 tactics security professionals should be aware of.
Mobile Device Security, A Multi-Faceted Approach
Shedding light on mobile threats as well as potential solutions including mobile threat defense, zero trust frameworks, and account takeover prevention measures.
Ransomware Paralysis? Attacks Against Local Governments on the Rise While Prevention Efforts Lag
Ransomware attacks against local governments and utilities continue to pile up, and hackers are putting pressure on victims by threatening to leak data to the public domain.
The Challenges of Multi-Factor Authentication in Your Security Program
Understand MFA implementation and adoption challenges and learn steps you can take to strengthen its effectiveness.
SpyCloud Research: Analyzing 515,000 Leaked Telnet Credentials
SpyCloud researchers have obtained and analyzed a set of over 515,000 Telnet credentials and IP addresses associated with vulnerable hosts that were leaked on a popular criminal forum.
2020 Annual Credential Exposure Report
Our 2020 report shows that password reuse continues to be a serious problem, leaving enterprises and their customers vulnerable to account takeover (ATO).
2020 Prediction: The Death of the Password Rotation Policy
Periodic forced password changes are frustrating for users and counterproductive for security. Here’s why they’ll go the way of the dinosaurs in 2020.
Reduce Supply Chain Account Takeover Risk with SpyCloud Third Party Insight
SpyCloud’s latest product offering helps you reduce your risk of a data breach by monitoring your third party relationships for breach exposures and sharing that data to aid remediation efforts.
How to Boost Employee Engagement in Your Security Awareness Program
To commemorate National Cybersecurity Awareness month, we’re sharing 9 practical tips from enterprise CISOs on how to increase participation in security awareness programs.
The Dark Web Is as Innovative as Ever
The largest dark markets may have been seized, but they always seem to persist. Fortunately, they’re run by humans and humans make mistakes.
Detect and Reset Compromised Passwords with Active Directory Guardian
SpyCloud has released a new & improved version of Active Directory Guardian that makes it easier for organizations to align with NIST password guidelines and reset exposed passwords automatically.
What To Do When Your Password is Exposed in a Data Breach
If your password has been compromised in a data breach, what can you do to protect your accounts? Learn the 5 steps to remediate password exposure.
Is Account Takeover an Underrated Risk?
According to a recent study, many security leaders are focused on the wrong risks. Account takeover is a primary risk that deserves more attention.
How long would it take to crack your password?
Passwords are a primary barrier to entry into your accounts and personal data. Learn how they are cracked and what you can do to prevent it.
SpyCloud Wins Best in Show at Digital Banking 2019
Financial services institutions are searching for a more effective solution to prevent consumer account takeover, awarding SpyCloud Best in Show at Digital Banking 2019.
The Unavoidable Side Effect of BYOD
BYOD has its benefits, but it can also have serious implications. Learn how to defend your organization from the risks.
These Fraudsters Are Hungry for Account Takeover
Lower-tier criminals are taking over fast food accounts to reap hot and fresh rewards–on your dime. By now you’ve probably
Would You Like Pepper on That Hash?
To laymen, the strange lexicon surrounding password security only makes the topic less approachable. What is a salt? What is
How SpyCloud Plans to Spend $21 Million in New Series B Funding
We recently announced $21 million in new capital led by M12, Microsoft’s venture fund. Here’s how we plan to grow.
2018 Annual Credential Exposure Report
2018 was a busy year for hackers. Interested to see just how busy, our annual credential exposure report breaks all the breaches down by the numbers.
Our Perspective on the “Collection” Combo Lists
Just how big was the so called Collections #1 “superbreach”? Turns out it was only 1 of 7 totalling more than 8B username and password records, and we’ve got the data on all the records
How the Grinch Carded Your Customers
This year, credit card fraud is down even though millennials are scoring more deals online. Here’s what that means for your organization.
The New Identity Crisis
Weak or reused passwords still pose a huge risk factor for account takeover but as newer authentication techniques evolve, criminals are adapting.
The Anatomy of Credential Stuffing
Credential stuffing attacks are on the rise. Learn more about how they’re done and what you can do to protect your organization.
Business Email Compromise (BEC) and Stolen Credentials
Business email compromise (BEC), has been used to defraud businesses out of over $3 billion. Know what to look for in these types of scams.
Why Old Passwords Still Matter
Old exposed passwords can do harm long after the initial compromise. Learn why you should be looking at old data, too.
What Is Corporate Account Takeover and What Can You Do to Prevent It?
Corporate account takeover is growing at an alarming rate. Find out what you should and shouldn’t do to prevent it.
Do Dark Web Monitoring Tools Work?
Do you ever wonder how the dark web works? Do you know what tools provide protection from what can happen in the dark web? We’ll break it down.
New Sextortion Scams Leverage Password Reuse
In a recent phishing attack, men around the globe are receiving a realistic email that could cost them thousands if they fall for it.
In Depth: The New Dark Markets
New markets on the dark web represent a shift in how underground goods are bought and sold. What does history have to say about how new markets will fare?
SpyCloud Hires CFO, Demonstrates Rapid Growth
Greater than 950 percent YoY rise in revenue indicates ATO prevention is a high priority for enterprises.
CISO Recipe for Peaceful Sleep
As CISO, your job may keep you up at night worrying about your employees’ and customers’ leaked credentials. There’s plenty to worry about, but you can take proactive steps to find more restful sleep.
What We Learned at The 2018 RSA Conference
Curious about the main takeaways at this year’s RSA Conference? David Endler, president and co-founder of SpyCloud offers his take.
Six Reasons for a False Sense of Security – ATOs
Think your account takeover prevention strategies give you 100% protection? We’ll show you why you should be skeptical.
Insights: Verizon 2018 Data Breach Report
Verizon released this year’s data breach report and not surprisingly, stolen credentials top the list. SpyCloud evaluates the findings with recommendations to every organization.
NIST Guidelines For Password Strength
Passwords need not be hard to remember. They just need to be hard to guess. NIST sets forth new guidelines to make creating strong passwords a bit easier.
Customer Account Takeover Can Be Prevented
What Is ATO and Why Should You Care? Because of widespread password reuse, Account Takeover (ATO) attacks have become an extremely lucrative business for cybercriminals.
2017 Annual Credential Exposure Report
2017 was a busy year for hackers. Interested to see just how busy, our annual credential exposure report breaks all the breaches down by the numbers.
Our Perspective – 1.4 Billion Clear Text Credentials
We’ve been asked to provide our point of view regarding 4iQ’s recent article advertised as “Largest Credential Breach Exposure”. The
How the Grinch Stole Your Customer’s Account
As early deal-hunters strategize ahead of Black Friday and Cyber Monday, so too, are cyber criminals strategizing to exploit the fact that security teams will be taking time off.
Taringa: Over 28 Million Users Exposed in Massive Data Breach
Over 28 million records were compromised as a result of the Taringa breach. See what your organization can do to prevent from being next.
SpyCloud Wins Best of Show Award for ATO Prevention at Finovate Fall 2017
We’re pleased to announce that SpyCloud has won the “Best of Show” award at Finovate Fall 2017!
SpyCloud Appoints Cisco and Thales e-Security Executives to its Board of Directors
SpyCloud welcomes two cybersecurity industry veterans to the team!
SpyCloud Chosen to Demo Cutting-Edge Account Takeover Prevention at FinovateFall 2017
SpyCloud, pioneers in breach discovery and credential recovery, showcased its solution at the 2017 FinovateFall conference.
SpyCloud Adds Industry Veterans to Leadership Team
SpyCloud expands their team by adding Alen Puzic as Chief Technology Office, and Jason Lancaster as Director of Security Research.
CyberDefenses Integrates SpyCloud into New Credential Tracking Service
CyberDefenses Inc. new Credential Tracking Service (CTS) integrates SpyCloud’s early-warning breach technology into its existing solution.
Criminals are using these tools to “crack” your website
Custom-built “cracking” tools are making it easier than ever for criminals to automate credential stuffing.
Press Release: SpyCloud Emerges From Stealth Mode
SpyCloud announces that it is coming out of stealth mode, after receiving $2.5 Million is seed funding.
SpyCloud is Named a Winner of NATO’s Defense Innovation Challenge
We’re proud to share that SpyCloud was the only US winner of the NATO Innovation Challenge. The challenge is aimed at accelerating transformational, state-of-the-art technology solutions in support of NATO’s cyber capabilities.
SpyCloud New Feature: Most Recent Alerts
Our development team is constantly pumping out new features, and we’re excited to highlight one that our customers have been asking for: Recent Records Alerts!
SpyCloud at the RSA Cybersecurity Conference
We had a great time exhibiting at the 2017 RSA cybersecurity conference in San Francisco, meeting new friends and reconnecting with many security industry brethren.
Opinion: Our Thoughts on LeakedSource
Several news agencies and security researchers have commented on the apparent FBI raid of LeakedSource. If you’re not familiar with the situation, this article from CSO covers it well.
Stop exposures from becoming account breaches.