SpyCloud Blog

Breaking down identity threats & prevention strategies

Summer Cybercrime Trends, Recycled Leaks & Nefarious Nation-State Activity

From the “16 billion passwords” leak to trends in the Chinese criminal underground, our June cybercrime update breaks down the biggest cyber threats and news.
State Secrets for Sale: More Leaks from the Chinese Hack-for-Hire Industry
SpyCloud Labs analyzes sample data from the VenusTech and Salt Typhoon data leaks as well as overall trends in the Chinese cybercriminal underground.
What’s Inside the Massive Chinese Data Leak
With over 4 billion records, it’s being dubbed the biggest leak of Chinese personal data ever. Here's what to know.
The LummaC2 Takedown, Attack Trends & Forum War Fighting
From the LummaC2 takedown to the BreachForums void, our May cybercrime update breaks down the biggest cyber threats & news.
Freshly Stolen: The New Age of Combolists
ULP combolists often contain fresh infostealer data. Here’s what to know about ULP combolists, including how to defend your organization from credential theft & attacks.
April Cybercrime Update: BreachForums Down, A Big Twitter Leak & Atomic Stealer Infection Trends
From the Twitter/X breach to Atomic macOS Stealer infection trends, our April cybercrime update breaks down the biggest cyber threats and news.
Breaking Down the 2025 Verizon Data Breach Investigations Report
Explore key takeaways from the 2025 Verizon DBIR. See how identity threats, ransomware, and third-party risks impact your defenses.
NIST’s Latest Password Update — The Best Practices Enterprises Need to Know
Learn about the latest NIST password best practices and SpyCloud solutions that prevent employees & consumers from using passwords exposed on the dark web.
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
We analyzed the nearly 200K leaked Black Basta chats and this is what we learned about their use of exposed credentials for ransomware operations.
Detect and Remediate Infostealer Malware Faster with SpyCloud + Your EDR
Detect and remediate infostealer malware with SpyCloud’s EDR malware detection integrations, powering SOC teams with high-fidelity alerts for rapid response.
Residential Proxies, North Korean IT Workers & Smishing
A deep dive into March’s cybercrime trends, including GhostSocks, North Korean IT workers, and pesky smishing campaigns.
How We Identified Fake North Korean IT Workers Using Identity Matching
See how malware infection logs can help organizations spot fake North Korean IT workers engaging in hiring fraud.
On the Hunt for Ghost(Socks)
LummaC2’s link to GhostSocks reveals stealthy proxy access, long-term persistence, and advanced evasion—posing a serious threat to enterprise defenses.
SpyCloud’s 2025 Identity Exposure Report: Breaking Down the Identity Threat Landscape
Uncover the latest identity security threats in the 2025 Identity Exposure Report. Learn how cybercriminals are exploiting stolen data and what you can do to stop them.
Safeguarding the Modern Identity: Why It’s Time for a Shift to Holistic Identity Threat Protection
Redefining threat protection is crucial as attackers weaponize stolen identities. In this blog, learn how to go beyond user accounts to secure today’s expanding identity perimeter and reduce risk.
5 Identity Protection Strategies for Government Agencies
Cybercriminals target government agencies to steal credentials and sensitive data. Learn five essential identity protection strategies to defend against cyber threats.
Cybercrime Wins in 2024: Major Takedowns & Arrests
Discover the biggest wins from 2024 against cybercrime—from major infostealer takedowns to global ransomware crackdowns—and what they mean for the future of cybersecurity.
The Most Notable Data Breaches of 2024
Headline-making breaches in 2024 exposed millions of records, compromising sensitive data. This blog explores what was stolen and the impact that has on security strategies to stay ahead.
Black Basta Leaks, B1ack’s Stash, & Billions of Stealer Log Records
A deep dive into February’s cybercrime trends, including Black Basta ransomware insights, stolen credit card databases, and the latest threat actor activities.
Properly Cleaning and Gutting Your Phish: How Cybercriminals Are Vetting Victim Data
Bad actors use phishing gateway pages to screen and validate stolen data. Learn how they work and how to protect yourself from these attacks.
Remediate Active Directory Exposures within 5 Minutes
SpyCloud has released a new & improved version of Active Directory Guardian that identifies more exposed employee passwords and resets exposed passwords automatically.
First of 2025: Trending Cybercrime News & Analysis
The end of 2024 and start to 2025 had no shortage of cyber security hot topics to cover. Dig into our latest findings and insights in this blog.
Cybercrime Enablement Services: Underneath the Hood of a Multi-Trillion Dollar Industry
The cybercrime industry today features specialists who offer cybercrime enablement services for anything a criminal doesn’t want to do – or can’t do – themselves. Learn more.
How Phishing Works: Behind the Scenes of Recent Cybercriminal Tactics
Phishing campaigns continue to rise in popularity and effectiveness for cybercriminals. Here’s a breakdown of how it works and what.
LummaC2 Revisited: What’s Making this Stealer Stealthier and More Lethal
Discover how LummaC2 has evolved with new stealth tactics, enhanced theft capabilities & novel evasion techniques in our latest SpyCloud Labs analysis.
How Criminals Plan to Exploit Your Customers’ Stolen Data This Holiday Season
Criminals are ramping up to take advantage of retailers and customer accounts during peak holiday shopping season. Here’s what to have on your radar.
Cybercrime News & Analysis to Close Out the Year
From big data leaks to cyber underground insights, SpyCloud tracked some of the top threats in 2024. Read our recap & 2025 predictions.
Why Cardholder Data on Threads Is a Growing Risk for Fraud & Security Teams
Cybercriminals are posting stolen credit card info & sensitive personal data on the Threads platform. Read the SpyCloud Labs analysis & get recommendations to prevent financial fraud.
Trending Cybercrime News & Analysis
This month, we’re breaking down the latest in cyber – from hot topics like Telegram, Operation Magnus, LockBit, and the arrest of USDoD to new research from SpyCloud Labs.
Say Goodbye to Hidden Identity Threats with SpyCloud’s New & Improved Enterprise Protection Dashboard
Explore SpyCloud's revamped Enterprise Protection Dashboard, offering security teams powerful visibility and tools to combat identity threats.
Legacy Malware Still Packs a Punch
Legacy infostealer malware like Redline Stealer & Raccoon Stealer are still fueling cybercrime and threatening organizations. Here’s how to stay protected.
A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem
Learn about the TTPs China-based threat actors refer to as SDK & DPI, as well as SGKs, which house exfiltrated data about Chinese residents.
Navigating the Complexities of Consumer Risk: A Guide to Preventing ATO Attacks
The impacts of account takeover can affect your customer base and business long into the future, which is why prevention is so key. Here’s how SpyCloud helps organizations reduce ATO fraud.
Supercharge Your OSINT Investigations with SpyCloud
SpyCloud Investigations with IDLink analytics is the ultimate force multiplier for analysts. See what’s possible and get a demo today.
Breaking Down the MC2 Data Breach
The MC2 data breach contains extensive PII on customers and individuals who had their backgrounds screened with the service. Here’s what to know about the leak.
3 Workflows To Combat Rising Identity Threats with SpyCloud + Your SOAR
SpyCloud integrates with popular SOAR platforms so you can better detect, respond to, and remediate compromised employee identities. See how.
How Infostealers Are Bypassing New Chrome Security Feature to Steal User Session Cookies
See how cybercriminals are bypassing Google Chrome’s App-Bound Encryption feature with infostealer malware to steal session cookies that can be used in session hijacking attacks.
A Guide to Preventing Ransomware Attacks: Essential Security Measures for Your Business
Learn essential ransomware prevention tips for businesses, including how you can use SpyCloud to better protect your data.
2024 SpyCloud Defense Report Key Findings: What’s Fueling Ransomware This Year
Explore SpyCloud’s 2024 report on ransomware and malware exposure, and learn how security teams can turn the tide with next-gen defense strategies.
The Rise of Mobile Malware
In this article, we dig into the alarming rise of mobile malware and what organizations can do to prevent and combat this growing threat.
The Curious Case of an Open Source Stealer: Phemedrone
SpyCloud Labs dissects the capabilities of the open source Phemedrone Stealer, including log encryption, configuration & victim targeting.
What to Know About the National Public Data Breach – Is it Worthy of the Hype?
The National Public Data (NPD) breach includes nearly 2.7 billion leaked records – and hundreds of millions of Americans’ social security numbers. Here’s what to know.
5 Important Takeaways from IBM’s Cost of a Data Breach Report 2024
The cost of a data breach rose again this year. Get the key findings from IBM’s Cost of a Data Breach Report 2024.
Infostealer Trends & The Resurgence of Keyloggers
SpyCloud Labs digs into new infostealer malware variants like Kemicat and Mephedrone, as well as the resurgence of keyloggers like Snake.
Beyond OSINT: How to Accelerate Threat Actor Investigations with SpyCloud
Discover how your team can accelerate threat actor attribution with SpyCloud Investigations.
How to Address the Infostealer Malware Threat
Infostealer malware specializes in slipping through the cracks. This new approach to malware remediation evens the playing field.
New Account Fraud: High Risks and High-Risk Customers
Account opening fraud is a top-priority concern, especially for financial institutions. Being able to distinguish between legitimate users and fraudsters is critical to Know Your Customer (KYC) requirements.
Fraud Prevention with SpyCloud’s Compromised Credit Card API
SpyCloud has released a new Compromised Credit Card API – allowing credit card, gift card, & loyalty issuers to automatically monitor and detect exposed card numbers.
The SpyCloud Approach to Responsible Disclosure of Breached, Leaked, and Stolen Data
Learn how SpyCloud responsibly discloses breached, leaked & stolen data to victim organizations as part of our mission to make the internet safer.
Breaking Down the 2024 Verizon Data Breach Investigations Report
SpyCloud breaks down key points from the Verizon 2024 Data Breach Investigations Report. Read our recap of the highlights.
Using Breach and Malware Infection Data in Your MITRE ATT&CK Mapping
Here we break down two phases of the MITRE ATT&CK Framework – Reconnaissance and Resource Development – and why it’s critical to account for stolen data in your detection and attack prevention strategies.
Reversing Atomic macOS Stealer: Binaries, Backdoors & Browser Theft
SpyCloud Labs reverse-engineered Atomic macOS Stealer to get a better understanding of its current capabilities and the threat it poses to the security community. Here’s our analysis.
What to Watch for Following The Post Millennial Data Breach
Here's what we found when we analyzed The Post Millennial data breach, including the types of exposed data assets contained in the 87 million leaked records.
Should Security Teams Invest in Continuous Zero Trust?
Your Zero Trust policy engine is only as good as the data it receives. Find out how to best fuel it to achieve Continuous Zero Trust.
Mapping SpyCloud to NIS2 Directive Requirements
Discover how SpyCloud’s identity protection solutions help your business meet NIS2 Directive requirements.
What You Need to Know About Google DBSC & its Ability to Prevent Session Hijacking
Google announced a new feature called Device Bound Security Credentials (DBSC) for Chrome. Learn how it affects cookie theft and session hijacking.
How Canva Secures Employee Identities with SpyCloud and Tines
Discover how Canva safeguards its employees with the powerful combination of SpyCloud Cybercrime Analytics and Tines' automated workflows.
3 New Infostealers to Watch This Year
We’ve added three new Windows infostealer malware families to our recaptured data repository. Learn about Xehook, Meduza, and Elusive.
2024 Identity Exposure Report: How Cybercriminals Are Upping the Game
Our 2024 Identity Exposure Report showcases just how big the stolen data problem is today. Here’s what we learned in our annual analysis of recaptured breach & malware data from the darknet.
How the Threat Actors at SpaxMedia Distribute Malware Globally
Threat actors are using PPI networks to distribute malware families like LummaC2 and Atomic Stealer. Our researchers analyzed one of them – SpaxMedia – and here’s what we found.
Introducing the SpyCloud Cortex XSOAR Integration
SpyCloud’s integration with Cortex XSOAR bridges gaps between identity-related exposure incidents and corresponding incident response and remediation workflows.
“Pantsless Data”: Decoding Chinese Cybercrime TTPs
SpyCloud Labs research uncovered unique Chinese threat actor TTPs for persistent data access, data acquisition, and data exfiltration.
What We Know About the MOAB Data Leak
Learn about the MOAB data leak and find out how much of the exposed data is already known, public, or outdated per SpyCloud Labs research.
Getting Started with SpyCloud
What’s it like to actually be a SpyCloud customer? Here’s how we set our customers up for success from day one.
Behind the Scenes Research of a Successful Malware Traffer Team: Admin and the Four Dwarfs
SpyCloud Labs researchers uncovered details about a cybercrime traffer team that is responsible for distributing malware families to victims around the globe.
SpyCloud Compass Malware Exposure Remediation Product Update: Stolen Cookie Indicator
SpyCloud Compass now includes stolen cookie data for malware infections to help you remediate employee exposures.
SOC Challenges: How to Protect Against Growing Identity Threats
The SOC plays a crucial role in protecting employee identities and access to corporate data – but to do so they must overcome these common obstacles.
Reversing LummaC2 4.0: Updates, Bug Fixes
SpyCloud Labs analysts reverse-engineered LummaC2 Stealer and observed notable upgrades and capabilities to its code.
Get Ready to Supercharge Your Cyber Investigations with SpyCloud Investigations Portal
Your cybercrime investigations just got an easy button: Introducing the new SpyCloud Investigations Portal for easier, fast cyber investigations.
Why Threat Intel Isn’t Enough: Next-Gen Strategy for Combating Next-Gen Criminal Tactics
As threat actors pivot to next-gen tactics, traditional threat intelligence alone isn’t sufficient for safeguarding your critical assets and data.
Reduce Supply Chain Account Takeover Risk with SpyCloud Third Party Insight
SpyCloud Third Party Insight helps you prevent account takeover by monitoring your supply chain for breach and malware exposures and sharing that data to aid remediation efforts.
It Ain’t Over Til It’s Over: Why Post-Infection Remediation Is Needed to Truly Resolve Malware Infections
As threats from malware infections slip through security defenses, a new approach to preventing ransomware is necessary. With SpyCloud Compass, security teams can now conduct complete Post-Infection Remediation.
Prevalence of LummaC2 Infostealer Skyrockets Over 2000% in Just 6 Months
SpyCloud research shows a recent surge in the prevalence of the LummaC2 infostealer, rising 2000% in 6 short months.
Introducing the SpyCloud Microsoft Sentinel Integration
The SpyCloud integration with Microsoft Sentinel helps security teams triage and remediate identity-related exposure incidents to prevent targeted account takeover and cyberattacks.
Top Ransomware Trends from the 2023 SpyCloud Report
Read highlights from the 2023 SpyCloud Ransomware Report, including attack precursors, frequency, and costs affecting security teams & organizations.
The Hidden Costs of Ransomware Attacks
The cost of a ransomware attack isn’t just a payment - negative brand reputation and loss of customers can hurt the bottom line, while employees mitigating an attack can impact productivity.
Botnets: The Information Stealers Mama Never Warned You About
Get the lowdown on botnets, networks of computers infected by malware. See why they're dangerous and how to protect yourself.
4 Top Takeaways from Black Hat 2023
Our team was busy on the floor at Black Hat 2023, but we also had some time to attend sessions and talk industry with colleagues and friends. Here's what we’re taking away from one of cybersecurity’s best events.
The Bad News About Infostealer Malware: There’s No Silver Bullet (But There IS More You Can Do)
Find out what makes infostealer malware a unique threat, and how SOC teams should adjust traditional approaches to fully address the risk it poses.
Top Takeaways from IBM’s Cost of a Data Breach Report 2023
The cost of a data breach keeps rising but there are concrete approaches for mitigating costs that work. Read the key findings from this year's IBM report.
SpyCloud Report: Gaps Still Loom in Malware Remediation
Key findings and insights from over 300 security & IT leaders and practitioners surveyed by SpyCloud regarding the growing threat of infostealer malware and what companies are missing when it comes to remediation.
Digging Deeper: More Perspectives on Key Challenges Facing CISOs
We uncovered a lot in feedback sessions with CISOs, so we offer even more insights around evolving authentication methods and ransomware defense vs. offense in the second blog in our series.
We Asked, They Answered: Hot Topics CISOs are Concerned About
In ongoing conversations with CISOs, several topics stood out as top-of-mind for security leaders. We discuss their emerging concerns, including malware infection response and critical SOC team blind spots.
Key Takeaways from the Verizon 2023 Data Breach Investigations Report: A Look Back and A Way Forward
New year, same story: Credentials are king, ransomware is rampant, and human error prevails. We dig into the Verizon 2023 Data Breach Investigations Report and shed some light on what the future holds.
Ransomware May Be On Fire Now, But BEC Is Always Simmering
Despite being one of the oldest tricks in the cybercrime playbook, BEC scams continue to pose a significant threat to organizations, causing 64 times more losses than ransomware last year.
Plot Twist: Combolists Are Still A Threat
SpyCloud researchers break down the risk combolists provide to enterprises and security teams combating stolen credentials and how cybercriminals are still leveraging this age-old tactic.
Passkeys: Their Impact & Their Vulnerabilities
With the shift from passwords to passkeys, security posture stands a chance at optimization. But it's still susceptible to compromise. We examine how.
Cyberattacks in a Passwordless World – The Emergence of Session Hijacking
A passwordless world is not one without cyberattacks. Session hijacking is one example that defeats passkeys. We examine its growing popularity.
Passwordless May Be The Future, But Is It a Cure-All?
Passwordless authentication feels like all the rage these days but it doesn’t come without its own challenges.
Corporate Darknet Exposure on the Rise Due to Malware
The dark web is crawling with compromised credentials and cookies from the largest companies in the US and UK. We cover takeaways from our reports on the Identity Exposure of the Fortune 1000 and FTSE 100.
5 Key Takeaways from RSAC 2023
RSAC’s 2023 theme of Stronger Together rang true throughout the event, with discussions on how to tackle and safely evolve AI’s impact on cybersecurity, third-party risk management, and the path forward for the industry.
What Is 2FA and Why Does It Matter?
We explore two-factor authentication (2FA) and multi-factor authentication (MFA) and why these added layers of security are critical to protecting your organization.
How Infostealer Malware Helps Ransomware Operators Hide in Plain Sight
As malware attempts reach staggering heights, we dive into infostealer malware, including how it executes, the risks it poses, and how it can lead to follow-on attacks like ransomware.
A Rundown of Current Malware Trends From the Darknet
Our resident security research expert discusses malware trends – including why we’re finding screenshots of victims’ desktops among the exfiltrated data.
Why Identity is at the Core of a Federal Zero Trust Strategy
Key tenets of the government’s zero trust strategy include MFA and secure password policies. With identity at the core of zero trust, we offer recommendations for successful strategy implementation.
SpyCloud Annual Report: Malware is Making Its Mark on the Darknet
This year’s report focuses on the growing risk of malware infections. With half of the exposed credentials coming from botnet logs, our recaptured data shows a shift in cybercriminal trends.
SpyCloud Embraces Equity in Tech on International Women’s Day
In honor of International Women’s Day during Women’s History Month, female leaders at SpyCloud discuss their careers in technology and offer advice to other women entering the field.
7 Steps of a Complete Malware Incident Response Plan
We break down the steps that enable the shift from a machine-focused approach to malware infection response to an identity-focused approach that truly reduces the enterprise’s risk of ransomware.
What To Do When Your Password is Exposed in a Data Breach
When you’re alerted that your password was included in a data breach, what can you do to protect your accounts? Learn the implications of exposed credentials and 4 steps to exposed passwords.
What Motivates Cybercriminals to Run Malware Campaigns?
While money is a common and obvious motivation for malware campaigns, we examine various motivating factors behind malware, including hacktivism and notoriety.
2022 in Review: The Year of Ransomware
Ransomware has been a growing cyber threat for several years but with increased sophistication and methods it seems like 2022 was really the year it took off. Here we break down the trends and ways organizations can better prepare in 2023 and beyond!
Fool Me Once: How Botnets Help Malicious Actors Pose as Your Employees (And What Enterprises Can Do About It)
Botnets are one of the tools that enable bad actors to carry out extensive infostealer attacks. We discuss the risks of botnets, infostealers, and malware infections, and how to close ransomware visibility gaps.
Passwords, Passkeys, Cookies, MFA – Authentication Methods are Under Attack
Our survey of IT security leaders found organizations are investing in layers of defense against authentication-based attacks, but it still isn’t enough. Here we discuss the issues with passwords, passkeys, and MFA + additional steps beyond these measures security teams can take to close the gaps in their defenses.
What is Session Hijacking and How Do You Prevent It?
Session cookies siphoned from unmanaged devices infected with malware pose a significant threat to enterprises. Learn how criminals use stolen web session cookies to access enterprises and launch cyberattacks.
Dark Web Market BidenCash: 30%+ of Credit Cards are Old News
An analysis of the newly launched underground carding marketplace data against SpyCloud’s recaptured data shows the leaked information existed on the dark web prior to its recent disclosure - but does that make it any less powerful in the hands of a criminal?
Outsourcing Initial Access: Ransomware Groups Don’t Break In, They Log In.
Monetizing network access is not a new scheme, but the emergence of Ransomware-as-a-Service (RaaS) operators has created a market for specialized actors called Initial Access Brokers (IABs).
Balancing Act: Tackling the Top Ecommerce Fraud Challenges
The question, ‘is this a legitimate customer or a criminal?’ can be answered with a new approach to preventing fraud that goes beyond identity verification.
Tips for Strong Passwords
With stolen credentials being the #1 entry point for cybercriminals, password security has never been more critical. We offer five tips for stronger passwords for users and enterprises alike.
The Most Overlooked Ransomware Defenses
We dig into key findings from our annual survey of more than 300 security leaders, including the role malware plays in ransomware attacks and the missing piece of incident response.
Roses Are Red(Line): Why Credential-Stealing Malware is Giving SOC Teams the Blues
One of the biggest challenges in ransomware prevention is the lack of visibility into credential-stealing malware. Get insights on how these infections work and why malware causes headaches for SOC teams.
Three Common Entry Points for Ransomware
Understanding ransomware entry points is critical to preventing attacks in the first place. We examine three common access points for ransomware and discuss how to close gaps in your prevention strategy.
CISOs Sound Off: Survey Shows CISO Challenges and Priorities
A survey of CISOs found key insights on challenges facing top security leaders, including protecting against ransomware, implementing Zero Trust models, and the need for automated solutions.
Too Much, Too Little, or Just Right: How to Spot the Signs of Synthetic Identity Fraud
Synthetic identity fraud is a $20B problem, but it's not impossible to prevent. We break down the 2 telltale signs. As it turns out, too much information is just as suspicious as not enough when it comes to detecting constructed identities.
Connecting the Dots: Fight Organized Retail Crime (ORC) With Recaptured Data
Criminals are going omni-channel with Organized Retail Crime. Learn more about this type of fraud and see how the digital and physical worlds can collide to solve ORC cases.
Lessons Learned From the Front Lines in the Fight Against Fraud
Leaders in fraud prevention share insights and experiences about how fraud teams enable revenue and foster collaboration from our MRC 2022 panel discussion.
Three’s a Crowd: Breaking Down Triangulation Fraud
As online shopping continues to boom, both consumers and retailers should be aware of triangulation fraud. Learn more about this tactic, how it works, and how you (and your business) can avoid getting caught up in it.
Risky Business: Why a Strong Security Culture Should Be a Top Priority for All Bosses
Enterprise leaders and boards of directors are constantly juggling the multitude of responsibilities they have to the business. Our CEO, Ted Ross, explains why cybersecurity should be at the top of the list.
The Future of Passwordless Authentication Is…Probably More Passwords
We'd like to believe that passwords are just a hop-skip-jump away from being obsolete but the truth is, we're still not quite ready for a passwordless world.
2021 Ransomware Defense Report: Breaking Down Key Findings
A summary of key findings from 250 U.S. Enterprise Security Leaders about the state of Ransomware Defense. Spoiler Alert: It's not all bad news.
Rethinking Trust: Adapting to the Reality of Supply Chain Compromise
In an interconnected business world where organizations depend on hundreds of separate technologies and vendors, third-party access offers a reliably weak spot in any security posture.
Password Hygiene: A Prerequisite for Higher Education
Poor cybersecurity hygiene has made colleges & universities prime targets for ransomware. How can these institutions make security an educational priority?
5 Years of Risk: How Cybersecurity Threats Continue to Evolve
A look back at the threat landscape that experts were predicting over the last five years to see how the industry has changed – and what could be ahead.
Ransomware: A Global Threat with Local Consequences
As the U.S. federal government addresses the ransomware scourge, state and local governments are left unprepared and caught in the crosshairs.
Trends in MFA in a WFH World
Increased adoption of MFA is a good thing for cybersecurity, especially as remote work grows in popularity – and preference – but humans remain the weakest link.
Was It a Breach or Credential Stuffing?
We've noticed a trend where media headlines equate data breaches & credential stuffing. The difference is critical for companies like Zoom, Nintendo, and Spotify, who made headlines in 2020 for the wrong reasons & suffered brand damage as a result.
Is Multi-Factor Authentication Like a Splinter in Your Mind?
MFA keeping you up at night? It probably should. Check out these common MFA bypass techniques and why another layer of account protection is necessary.
Cryptography of the Cracking World
Dictionaries, combolists, rainbow tables...We explain the terms used within online “cracking communities” and what they mean for us as defenders.
Business Email Compromise (BEC) and Stolen Credentials
Business email compromise (BEC) has been used to defraud businesses out of over $3 billion. Know what to look for in these types of scams.
Out with the Old: It’s Time to Abandon Outdated Active Directory Password “Best Practices”
Many years’ worth of accumulated best practices have mostly helped strengthen Active Directory security, but a few long-standing beliefs about enforcing password policies are actually outdated.
Never Waste a Crisis: Best Practices for Managing Large-Scale Data Breaches
Questions to ask yourself as you prepare breach prevention & response plans, based on our conversations with CISOs who have survived major breaches that exposed customer data.
Credential Stuffing vs. Password Spraying
Dig into the differences between these two common attack types, and how you can prevent account takeovers that stem from either one.
Surviving a Data Breach at Anthem: A CISO’s Perspective
The cost of a data breach in the healthcare industry is now at an all-time high: $7.13M. Roy Mellinger, former Anthem CISO, shares his perspective & lessons learned from their 2015 breach – takeaways that are relevant for security leaders from all industries.
Discord’s Dark (Web) Side
Displaced darknet communities have found a new home on Discord. See what's being sold and traded – and learn what to do if you happen to come across these activities.
SpyCloud Research: Breach Exposure of the Fortune 1000
We were able to tie more than 412 million breach assets within the SpyCloud database to employees within the Fortune 1000, providing a snapshot of the breach exposure affecting major enterprises.
Mobile Device Security, A Multi-Faceted Approach
Shedding light on mobile threats as well as potential solutions including mobile threat defense, zero trust frameworks, and account takeover prevention measures.
Ransomware Attacks Against Local Governments on the Rise While Prevention Efforts Lag
Ransomware attacks against local governments and utilities continue to pile up, and hackers are putting pressure on victims by threatening to leak data to the public domain.
The Challenges of Multi-Factor Authentication in Your Security Program
Understand MFA implementation and adoption challenges and learn steps you can take to strengthen its effectiveness.
How to Increase Employee Engagement in Your Security Awareness Program
To commemorate National Cybersecurity Awareness month, we’re sharing 9 practical tips from enterprise CISOs on how to increase participation in security awareness programs.
The Dark Web Is as Innovative as Ever
The largest dark markets may have been seized, but they always seem to persist. Fortunately, they’re run by humans and humans make mistakes.
How long would it take to crack your password?
Our survey of IT security leaders found organizations are investing in layers of defense against authentication-based attacks, but it still isn’t enough. Here we discuss the issues with passwords, passkeys, and MFA + additional steps beyond these measures security teams can take to close the gaps in their defenses.
The Unavoidable Side Effect of BYOD
BYOD has its benefits, but it can also have serious implications. Learn how to defend your organization from the risks.
Why Old Passwords Still Matter
Old exposed passwords can do harm long after the initial compromise. Learn why you should be looking at old data, too.
In Depth: The New Dark Markets
New markets on the dark web represent a shift in how underground goods are bought and sold. What does history have to say about how new markets will fare?
SpyCloud Hires CFO, Demonstrates Rapid Growth
Greater than 950 percent YoY rise in revenue indicates ATO prevention is a high priority for enterprises.
CISO Recipe for Peaceful Sleep
As CISO, your job may keep you up at night worrying about your employees’ and customers’ leaked credentials. There’s plenty to worry about, but you can take proactive steps to find more restful sleep.
Criminals are using these tools to “crack” your website
Custom-built “cracking” tools are making it easier than ever for criminals to automate credential stuffing. 
SpyCloud New Feature: Most Recent Alerts
Our development team is constantly pumping out new features, and we’re excited to highlight one that our customers have been asking for: Recent Records Alerts!
NIST’s Latest Password Update — The Best Practices Enterprises Need to Know
Learn about the latest NIST password best practices and SpyCloud solutions that prevent employees & consumers from using passwords exposed on the dark web.
How Infostealers Are Bypassing New Chrome Security Feature to Steal User Session Cookies
See how cybercriminals are bypassing Google Chrome’s App-Bound Encryption feature with infostealer malware to steal session cookies that can be used in session hijacking attacks.
What You Need to Know About Google DBSC & its Ability to Prevent Session Hijacking
Google announced a new feature called Device Bound Security Credentials (DBSC) for Chrome. Learn how it affects cookie theft and session hijacking.
Plot Twist: Combolists Are Still A Threat
SpyCloud researchers break down the risk combolists pose to enterprises and to security teams combating stolen credentials, and how cybercriminals are still leveraging this age-old tactic.
Passkeys: Their Impact & Their Vulnerabilities
With the shift from passwords to passkeys, security posture stands a chance at optimization. But it's still susceptible to compromise. We examine how.
Passwordless May Be The Future, But Is It a Cure-All?
Passwordless authentication feels like all the rage these days but it doesn’t come without its own challenges.
What Is 2FA and Why Does It Matter?
We explore two-factor authentication (2FA) and multi-factor authentication (MFA) and why these added layers of security are critical to protecting your organization.
Passwords, Passkeys, Cookies, MFA – Authentication Methods are Under Attack
Our survey of IT security leaders found organizations are investing in layers of defense against authentication-based attacks, but it still isn’t enough. Here we discuss the issues with passwords, passkeys, and MFA + additional steps beyond these measures security teams can take to close the gaps in their defenses.
What is Session Hijacking and How Do You Prevent It?
Session cookies siphoned from unmanaged devices infected with malware pose a significant threat to enterprises. Learn how criminals use stolen web session cookies to access enterprises and launch cyberattacks.
Navigating the Complexities of Consumer Risk: A Guide to Preventing ATO Attacks
The impacts of account takeover can affect your customer base and business long into the future, which is why prevention is so key. Here’s how SpyCloud helps organizations reduce ATO fraud.
3 Workflows To Combat Rising Identity Threats with SpyCloud + Your SOAR
SpyCloud integrates with popular SOAR platforms so you can better detect, respond to, and remediate compromised employee identities. See how.
Should Security Teams Invest in Continuous Zero Trust?
Your Zero Trust policy engine is only as good as the data it receives. Find out how to best fuel it to achieve Continuous Zero Trust.
Mapping SpyCloud to NIS2 Directive Requirements
Discover how SpyCloud’s identity protection solutions help your business meet NIS2 Directive requirements.
SOC Challenges: How to Protect Against Growing Identity Threats
The SOC plays a crucial role in protecting employee identities and access to corporate data – but to do so they must overcome these common obstacles.
Why Threat Intel Isn’t Enough: Next-Gen Strategy for Combating Next-Gen Criminal Tactics
As threat actors pivot to next-gen tactics, traditional threat intelligence alone isn’t sufficient for safeguarding your critical assets and data.
Why Identity is at the Core of a Federal Zero Trust Strategy
Key tenets of the government’s zero trust strategy include MFA and secure password policies. With identity at the core of zero trust, we offer recommendations for successful strategy implementation.
What To Do When Your Password is Exposed in a Data Breach
When you’re alerted that your password was included in a data breach, what can you do to protect your accounts? Learn the implications of exposed credentials and 4 steps to exposed passwords.
How We Identified Fake North Korean IT Workers Using Identity Matching
See how malware infection logs can help organizations spot fake North Korean IT workers engaging in hiring fraud.
SpyCloud’s 2025 Identity Exposure Report: Breaking Down the Identity Threat Landscape
Uncover the latest identity security threats in the 2025 Identity Exposure Report. Learn how cybercriminals are exploiting stolen data and what you can do to stop them.
Safeguarding the Modern Identity: Why It’s Time for a Shift to Holistic Identity Threat Protection
Redefining threat protection is crucial as attackers weaponize stolen identities. In this blog, learn how to go beyond user accounts to secure today’s expanding identity perimeter and reduce risk.
The Most Notable Data Breaches of 2024
Headline-making breaches in 2024 exposed millions of records, compromising sensitive data. This blog explores what was stolen and the impact that has on security strategies to stay ahead.
How Phishing Works: Behind the Scenes of Recent Cybercriminal Tactics
Phishing campaigns continue to rise in popularity and effectiveness for cybercriminals. Here’s a breakdown of how it works and what.
How Criminals Plan to Exploit Your Customers’ Stolen Data This Holiday Season
Criminals are ramping up to take advantage of retailers and customer accounts during peak holiday shopping season. Here’s what to have on your radar.
New Account Fraud: High Risks and High-Risk Customers
Account opening fraud is a top-priority concern, especially for financial institutions. Being able to distinguish between legitimate users and fraudsters is critical to Know Your Customer (KYC) requirements.
Using Breach and Malware Infection Data in Your MITRE ATT&CK Mapping
Here we break down two phases of the MITRE ATT&CK Framework – Reconnaissance and Resource Development – and why it’s critical to account for stolen data in your detection and attack prevention strategies.
Reduce Supply Chain Account Takeover Risk with SpyCloud Third Party Insight
SpyCloud Third Party Insight helps you prevent account takeover by monitoring your supply chain for breach and malware exposures and sharing that data to aid remediation efforts.
4 Top Takeaways from Black Hat 2023
Our team was busy on the floor at Black Hat 2023, but we also had some time to attend sessions and talk industry with colleagues and friends. Here's what we’re taking away from one of cybersecurity’s best events.
Digging Deeper: More Perspectives on Key Challenges Facing CISOs
We uncovered a lot in feedback sessions with CISOs, so we offer even more insights around evolving authentication methods and ransomware defense vs. offense in the second blog in our series.
We Asked, They Answered: Hot Topics CISOs are Concerned About
In ongoing conversations with CISOs, several topics stood out as top-of-mind for security leaders. We discuss their emerging concerns, including malware infection response and critical SOC team blind spots.
Ransomware May Be On Fire Now, But BEC Is Always Simmering
Despite being one of the oldest tricks in the cybercrime playbook, BEC scams continue to pose a significant threat to organizations, causing 64 times more losses than ransomware last year.
Cyberattacks in a Passwordless World – The Emergence of Session Hijacking
A passwordless world is not one without cyberattacks. Session hijacking is one example that defeats passkeys. We examine its growing popularity.
5 Key Takeaways from RSAC 2023
RSAC’s 2023 theme of Stronger Together rang true throughout the event, with discussions on how to tackle and safely evolve AI’s impact on cybersecurity, third-party risk management, and the path forward for the industry.
A Rundown of Current Malware Trends From the Darknet
Our resident security research expert discusses malware trends – including why we’re finding screenshots of victims’ desktops among the exfiltrated data.
Dark Web Market BidenCash: 30%+ of Credit Cards are Old News
An analysis of the newly launched underground carding marketplace data against SpyCloud’s recaptured data shows the leaked information existed on the dark web prior to its recent disclosure - but does that make it any less powerful in the hands of a criminal?
Legacy Malware Still Packs a Punch
Legacy infostealer malware like Redline Stealer & Raccoon Stealer are still fueling cybercrime and threatening organizations. Here’s how to stay protected.
The Rise of Mobile Malware
In this article, we dig into the alarming rise of mobile malware and what organizations can do to prevent and combat this growing threat.
How to Address the Infostealer Malware Threat
Infostealer malware specializes in slipping through the cracks. This new approach to malware remediation evens the playing field.
It Ain’t Over Til It’s Over: Why Post-Infection Remediation Is Needed to Truly Resolve Malware Infections
As threats from malware infections slip through security defenses, a new approach to preventing ransomware is necessary. With SpyCloud Compass, security teams can now conduct complete Post-Infection Remediation.
Botnets: The Information Stealers Mama Never Warned You About
Get the lowdown on botnets, networks of computers infected by malware. See why they're dangerous and how to protect yourself.
The Bad News About Infostealer Malware: There’s No Silver Bullet (But There IS More You Can Do)
Find out what makes infostealer malware a unique threat, and how SOC teams should adjust traditional approaches to fully address the risk it poses.
SpyCloud Report: Gaps Still Loom in Malware Remediation
Key findings and insights from over 300 security & IT leaders and practitioners surveyed by SpyCloud regarding the growing threat of infostealer malware and what companies are missing when it comes to remediation.
Corporate Darknet Exposure on the Rise Due to Malware
The dark web is crawling with compromised credentials and cookies from the largest companies in the US and UK. We cover takeaways from our reports on the Identity Exposure of the Fortune 1000 and FTSE 100.
How Infostealer Malware Helps Ransomware Operators Hide in Plain Sight
As malware attempts reach staggering heights, we dive into infostealer malware, including how it executes, the risks it poses, and how it can lead to follow-on attacks like ransomware.
A Rundown of Current Malware Trends From the Darknet
Our resident security research expert discusses malware trends – including why we’re finding screenshots of victims’ desktops among the exfiltrated data.
SpyCloud Annual Report: Malware is Making Its Mark on the Darknet
This year’s report focuses on the growing risk of malware infections. With half of the exposed credentials coming from botnet logs, our recaptured data shows a shift in cybercriminal trends.
7 Steps of a Complete Malware Incident Response Plan
We break down the steps that enable the shift from a machine-focused approach to malware infection response to an identity-focused approach that truly reduces the enterprise’s risk of ransomware.
What Motivates Cybercriminals to Run Malware Campaigns?
While money is a common and obvious motivation for malware campaigns, we examine various motivating factors behind malware, including hacktivism and notoriety.
Fool Me Once: How Botnets Help Malicious Actors Pose as Your Employees (And What Enterprises Can Do About It)
Botnets are one of the tools that enable bad actors to carry out extensive infostealer attacks. We discuss the risks of botnets, infostealers, and malware infections, and how to close ransomware visibility gaps.
What is Session Hijacking and How Do You Prevent It?
Session cookies siphoned from unmanaged devices infected with malware pose a significant threat to enterprises. Learn how criminals use stolen web session cookies to access enterprises and launch cyberattacks.
Roses Are Red(Line): Why Credential-Stealing Malware is Giving SOC Teams the Blues
One of the biggest challenges in ransomware prevention is the lack of visibility into credential-stealing malware. Get insights on how these infections work and why malware causes headaches for SOC teams.
A Guide to Preventing Ransomware Attacks: Essential Security Measures for Your Business
Learn essential ransomware prevention tips for businesses, including how you can use SpyCloud to better protect your data.
2024 SpyCloud Defense Report Key Findings: What’s Fueling Ransomware This Year
Explore SpyCloud’s 2024 report on ransomware and malware exposure, and learn how security teams can turn the tide with next-gen defense strategies.
Top Ransomware Trends from the 2023 SpyCloud Report
Read highlights from the 2023 SpyCloud Ransomware Report, including attack precursors, frequency, and costs affecting security teams & organizations.
The Hidden Costs of Ransomware Attacks
The cost of a ransomware attack isn’t just a payment - negative brand reputation and loss of customers can hurt the bottom line, while employees mitigating an attack can impact productivity.
2022 in Review: The Year of Ransomware
Ransomware has been a growing cyber threat for several years but with increased sophistication and methods it seems like 2022 was really the year it took off. Here we break down the trends and ways organizations can better prepare in 2023 and beyond!
Outsourcing Initial Access: Ransomware Groups Don’t Break In, They Log In.
Monetizing network access is not a new scheme, but the emergence of Ransomware-as-a-Service (RaaS) operators has created a market for specialized actors called Initial Access Brokers (IABs).
The Most Overlooked Ransomware Defenses
We dig into key findings from our annual survey of more than 300 security leaders, including the role malware plays in ransomware attacks and the missing piece of incident response.
Three Common Entry Points for Ransomware
Understanding ransomware entry points is critical to preventing attacks in the first place. We examine three common access points for ransomware and discuss how to close gaps in your prevention strategy.
2021 Ransomware Defense Report: Breaking Down Key Findings
A summary of key findings from 250 U.S. Enterprise Security Leaders about the state of Ransomware Defense. Spoiler Alert: It's not all bad news.
Password Hygiene: A Prerequisite for Higher Education
Poor cybersecurity hygiene has made colleges & universities prime targets for ransomware. How can these institutions make security an educational priority?
Ransomware: A Global Threat with Local Consequences
As the U.S. federal government addresses the ransomware scourge, state and local governments are left unprepared and caught in the crosshairs.
Ransomware Attacks Against Local Governments on the Rise While Prevention Efforts Lag
Ransomware attacks against local governments and utilities continue to pile up, and hackers are putting pressure on victims by threatening to leak data to the public domain.
Breaking Down the 2025 Verizon Data Breach Investigations Report
Explore key takeaways from the 2025 Verizon DBIR. See how identity threats, ransomware, and third-party risks impact your defenses.
How We Identified Fake North Korean IT Workers Using Identity Matching
See how malware infection logs can help organizations spot fake North Korean IT workers engaging in hiring fraud.
5 Identity Protection Strategies for Government Agencies
Cybercriminals target government agencies to steal credentials and sensitive data. Learn five essential identity protection strategies to defend against cyber threats.
Cybercrime Wins in 2024: Major Takedowns & Arrests
Discover the biggest wins from 2024 against cybercrime—from major infostealer takedowns to global ransomware crackdowns—and what they mean for the future of cybersecurity.
5 Important Takeaways from IBM’s Cost of a Data Breach Report 2024
The cost of a data breach rose again this year. Get the key findings from IBM’s Cost of a Data Breach Report 2024.
Breaking Down the 2024 Verizon Data Breach Investigations Report
SpyCloud breaks down key points from the Verizon 2024 Data Breach Investigations Report. ✓ Read our recap of the highlights.
What to Watch for Following The Post Millennial Data Breach
Here's what we found when we analyzed The Post Millennial data breach, including the types of exposed data assets contained in the 87 million leaked records.
2024 Identity Exposure Report: How Cybercriminals Are Upping the Game
Our 2024 Identity Exposure Report showcases just how big the stolen data problem is today. Here’s what we learned in our annual analysis of recaptured breach & malware data from the darknet.
What We Know About the MOAB Data Leak
Learn about the MOAB data leak and find out how much of the exposed data is already known, public, or outdated per SpyCloud Labs research.
Top Takeaways from IBM’s Cost of a Data Breach Report 2023
The cost of a data breach keeps rising but there are concrete approaches for mitigating costs that work. Read the key findings from this year's IBM report.
Key Takeaways from the Verizon 2023 Data Breach Investigations Report: A Look Back and A Way Forward
New year, same story: Credentials are king, ransomware is rampant, and human error prevails. We dig into the Verizon 2023 Data Breach Investigations Report and shed some light on what the future holds.
SpyCloud Research: Breach Exposure of the Fortune 1000
We were able to tie more than 412 million breach assets within the SpyCloud database to employees within the Fortune 1000, providing a snapshot of the breach exposure affecting major enterprises.
Summer Cybercrime Trends, Recycled Leaks & Nefarious Nation-State Activity
From the “16 billion passwords” leak to trends in the Chinese criminal underground, our June cybercrime update breaks down the biggest cyber threats and news.
State Secrets for Sale: More Leaks from the Chinese Hack-for-Hire Industry
SpyCloud Labs analyzes sample data from the VenusTech and Salt Typhoon data leaks as well as overall trends in the Chinese cybercriminal underground.
What’s Inside the Massive Chinese Data Leak
With over 4 billion records, it’s being dubbed the biggest leak of Chinese personal data ever. Here's what to know.
The LummaC2 Takedown, Attack Trends & Forum War Fighting
From the LummaC2 takedown to the BreachForums void, our May cybercrime update breaks down the biggest cyber threats & news.
Freshly Stolen: The New Age of Combolists
ULP combolists often contain fresh infostealer data. Here’s what to know about ULP combolists, including how to defend your organization from credential theft & attacks.
April Cybercrime Update: BreachForums Down, A Big Twitter Leak & Atomic Stealer Infection Trends
From the Twitter/X breach to Atomic macOS Stealer infection trends, our April cybercrime update breaks down the biggest cyber threats and news.
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
We analyzed the nearly 200K leaked Black Basta chats and this is what we learned about their use of exposed credentials for ransomware operations.
Residential Proxies, North Korean IT Workers & Smishing
A deep dive into March’s cybercrime trends, including GhostSocks, North Korean IT workers, and pesky smishing campaigns.
On the Hunt for Ghost(Socks)
LummaC2’s link to GhostSocks reveals stealthy proxy access, long-term persistence, and advanced evasion—posing a serious threat to enterprise defenses.
The Most Notable Data Breaches of 2024
Headline-making breaches in 2024 exposed millions of records, compromising sensitive data. This blog explores what was stolen and the impact that has on security strategies to stay ahead.
Black Basta Leaks, B1ack’s Stash, & Billions of Stealer Log Records
A deep dive into February’s cybercrime trends, including Black Basta ransomware insights, stolen credit card databases, and the latest threat actor activities.
Properly Cleaning and Gutting Your Phish: How Cybercriminals Are Vetting Victim Data
Bad actors use phishing gateway pages to screen and validate stolen data. Learn how they work and how to protect yourself from these attacks.
First of 2025: Trending Cybercrime News & Analysis
The end of 2024 and start to 2025 had no shortage of cyber security hot topics to cover. Dig into our latest findings and insights in this blog.
Cybercrime Enablement Services: Underneath the Hood of a Multi-Trillion Dollar Industry
The cybercrime industry today features specialists who offer cybercrime enablement services for anything a criminal doesn’t want to do – or can’t do – themselves. Learn more.
LummaC2 Revisited: What’s Making this Stealer Stealthier and More Lethal
Discover how LummaC2 has evolved with new stealth tactics, enhanced theft capabilities & novel evasion techniques in our latest SpyCloud Labs analysis.
Cybercrime News & Analysis to Close Out the Year
From big data leaks to cyber underground insights, SpyCloud tracked some of the top threats in 2024. Read our recap & 2025 predictions.
Why Cardholder Data on Threads Is a Growing Risk for Fraud & Security Teams
Cybercriminals are posting stolen credit card info & sensitive personal data on the Threads platform. Read the SpyCloud Labs analysis & get recommendations to prevent financial fraud.
Trending Cybercrime News & Analysis
This month, we’re breaking down the latest in cyber – from hot topics like Telegram, Operation Magnus, LockBit, and the arrest of USDoD to new research from SpyCloud Labs.
A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem
Learn about the TTPs China-based threat actors refer to as SDK & DPI, as well as SGKs, which house exfiltrated data about Chinese residents.
Breaking Down the MC2 Data Breach
The MC2 data breach contains extensive PII on customers and individuals who had their backgrounds screened with the service. Here’s what to know about the leak.
How Infostealers Are Bypassing New Chrome Security Feature to Steal User Session Cookies
See how cybercriminals are bypassing Google Chrome’s App-Bound Encryption feature with infostealer malware to steal session cookies that can be used in session hijacking attacks.
The Curious Case of an Open Source Stealer: Phemedrone
SpyCloud Labs dissects the capabilities of the open source Phemedrone Stealer, including log encryption, configuration & victim targeting.
What to Know About the National Public Data Breach – Is it Worthy of the Hype?
The National Public Data (NPD) breach includes nearly 2.7 billion leaked records – and hundreds of millions of Americans’ social security numbers. Here’s what to know.
Infostealer Trends & The Resurgence of Keyloggers
SpyCloud Labs digs into new infostealer malware variants like Kemicat and Mephedrone, as well as the resurgence of keyloggers like Snake.
The SpyCloud Approach to Responsible Disclosure of Breached, Leaked, and Stolen Data
Learn how SpyCloud responsibly discloses breached, leaked & stolen data to victim organizations as part of our mission to make the internet safer.
Reversing Atomic macOS Stealer: Binaries, Backdoors & Browser Theft
SpyCloud Labs reverse-engineered Atomic macOS Stealer to get a better understanding of its current capabilities and the threat it poses to the security community. Here’s our analysis.
3 New Infostealers to Watch This Year
We’ve added three new Windows infostealer malware families to our recaptured data repository. Learn about Xehook, Meduza, and Elusive.
How the Threat Actors at SpaxMedia Distribute Malware Globally
Threat actors are using PPI networks to distribute malware families like LummaC2 and Atomic Stealer. Our researchers analyzed one of them – SpaxMedia – and here’s what we found.
“Pantsless Data”: Decoding Chinese Cybercrime TTPs
SpyCloud Labs research uncovered unique Chinese threat actor TTPs for persistent data access, data acquisition, and data exfiltration.
Behind the Scenes Research of a Successful Malware Traffer Team: Admin and the Four Dwarfs
SpyCloud Labs researchers uncovered details about a cybercrime traffer team that is responsible for distributing malware families to victims around the globe.
Reversing LummaC2 4.0: Updates, Bug Fixes
SpyCloud Labs analysts reverse-engineered LummaC2 Stealer and observed notable upgrades and capabilities to its code.
Prevalence of LummaC2 Infostealer Skyrockets Over 2000% in Just 6 Months
SpyCloud research shows a recent surge in the prevalence of the LummaC2 infostealer, rising 2000% in 6 short months.
Detect and Remediate Infostealer Malware Faster with SpyCloud + Your EDR
Detect and remediate infostealer malware with SpyCloud’s EDR malware detection integrations, powering SOC teams with high-fidelity alerts for rapid response.
Remediate Active Directory Exposures within 5 Minutes
SpyCloud has released a new & improved version of Active Directory Guardian that identifies more exposed employee passwords and resets exposed passwords automatically.
Say Goodbye to Hidden Identity Threats with SpyCloud’s New & Improved Enterprise Protection Dashboard
Explore SpyCloud's revamped Enterprise Protection Dashboard, offering security teams powerful visibility and tools to combat identity threats.
Supercharge Your OSINT Investigations with SpyCloud
SpyCloud Investigations with IDLink analytics is the ultimate force multiplier for analysts. See what’s possible and get a demo today.
Beyond OSINT: How to Accelerate Threat Actor Investigations with SpyCloud
Discover how your team can accelerate threat actor attribution with SpyCloud Investigations.
Fraud Prevention with SpyCloud’s Compromised Credit Card API
SpyCloud has released a new Compromised Credit Card API – allowing credit card, gift card, & loyalty issuers to automatically monitor and detect exposed card numbers.
How Canva Secures Employee Identities with SpyCloud and Tines
Discover how Canva safeguards its employees with the powerful combination of SpyCloud Cybercrime Analytics and Tines' automated workflows.
Introducing the SpyCloud Cortex XSOAR Integration
SpyCloud’s integration with Cortex XSOAR bridges gaps between identity-related exposure incidents and corresponding incident response and remediation workflows.
Getting Started with SpyCloud
What’s it like to actually be a SpyCloud customer? Here’s how we set our customers up for success from day one.
SpyCloud Compass Malware Exposure Remediation Product Update: Stolen Cookie Indicator
SpyCloud Compass now includes stolen cookie data for malware infections to help you remediate employee exposures.
Get Ready to Supercharge Your Cyber Investigations with SpyCloud Investigations Portal
Your cybercrime investigations just got an easy button: Introducing the new SpyCloud Investigations Portal for easier, fast cyber investigations.
Reduce Supply Chain Account Takeover Risk with SpyCloud Third Party Insight
SpyCloud Third Party Insight helps you prevent account takeover by monitoring your supply chain for breach and malware exposures and sharing that data to aid remediation efforts.
Introducing the SpyCloud Microsoft Sentinel Integration
The SpyCloud integration with Microsoft Sentinel helps security teams triage and remediate identity-related exposure incidents to prevent targeted account takeover and cyberattacks.
SpyCloud Embraces Equity in Tech on International Women’s Day
In honor of International Women’s Day during Women’s History Month, female leaders at SpyCloud discuss their careers in technology and offer advice to other women entering the field.
SpyCloud Hires CFO, Demonstrates Rapid Growth
Greater than 950 percent YoY rise in revenue indicates ATO prevention is a high priority for enterprises.
SpyCloud New Feature: Most Recent Alerts
Our development team is constantly pumping out new features, and we’re excited to highlight one that our customers have been asking for: Recent Records Alerts!
