Skip to main content


Insights on ATO, the criminal underground, and more

Strong Password Tips

Tips for Strong Passwords

With stolen credentials being the #1 entry point for cybercriminals, password security has never been more critical. We offer five tips for stronger passwords for users and enterprises alike.

Read More

Trends in MFA in a WFH World

Increased adoption of MFA is a good thing for cybersecurity, especially as remote work grows in popularity – and preference – but humans remain the weakest link.

Read More
Breach or Credential Stuffing

Was It a Breach or Credential Stuffing?

We’ve noticed a trend where media headlines equate data breaches & credential stuffing. The difference is critical for companies like Zoom, Nintendo, and Spotify, who made headlines in 2020 for the wrong reasons & suffered brand damage as a result.

Read More
Understanding the SolarWinds Supply Chain Attack

Breaking Down the SolarWinds Supply Chain Attack

It will be years – maybe decades – before we know the true extent of the fallout from the SolarWinds Orion software supply chain compromise. Based on what we know so far, SpyCloud has broken down the stages of this targeted, identity-based attack.

Read More
Unemployment Fraud - Recommendations for agencies, fraud teams, employers and individuals

Unemployment Fraud: Who is Using Your Identity to Collect?

Criminals are using stolen credentials and PII to impersonate unemployed workers, diverting the funds from benefit claims into their own pockets. With $26 billion at risk, we provide recommendations for government agencies, fraud teams, employers and individuals on how to stop the bleed.

Read More
Discord Dark Web - SpyCloud Blog

Discord’s Dark (Web) Side

Displaced darknet communities have found a new home on Discord. See what’s being sold and traded – and learn what to do if you happen to come across these activities.

Read More
How long would it take to crack your password?

How long would it take to crack your password?

Our survey of IT security leaders found organizations are investing in layers of defense against authentication-based attacks, but it still isn’t enough. Here we discuss the issues with passwords, passkeys, and MFA + additional steps beyond these measures security teams can take to close the gaps in their defenses.

Read More

Transforming recaptured data to protect your business.