This year’s report focuses on the growing risk of malware infections. With half of the exposed credentials coming from botnet logs, our recaptured data shows a shift in cybercriminal trends.
When you’re alerted that your password was included in a data breach, what can you do to protect your accounts? Learn the implications of exposed credentials and 4 steps to exposed passwords.
Updated stats on the prevalence and cost of common cyberattacks including ATO, ransomware, and fraud for organizations and individuals.
The cost of a ransomware attack isn’t just a payment – negative brand reputation and loss of customers can hurt the bottom line, while employees mitigating an attack can impact productivity.
Ransomware has been a growing cyber threat for several years but with increased sophistication and methods it seems like 2022 was really the year it took off. Here we break down the trends and ways organizations can better prepare in 2023 and beyond!
Our survey of IT security leaders found organizations are investing in layers of defense against authentication-based attacks, but it still isn’t enough. Here we discuss the issues with passwords, passkeys, and MFA + additional steps beyond these measures security teams can take to close the gaps in their defenses.
Unwitting insider threats create vulnerabilities that can lead to ransomware attacks. We discuss how ghost accounts and shadow IT impact enterprises and how to mitigate these risks.
Session cookies siphoned from unmanaged devices infected with malware pose a significant threat to enterprises. Learn how criminals use stolen web session cookies to access enterprises and launch cyberattacks.
The problem of password reuse demands a new framework for credential security – one in which users are blocked from choosing passwords that have ever been exposed.
With stolen credentials being the #1 entry point for cybercriminals, password security has never been more critical. We offer five tips for stronger passwords for users and enterprises alike.
We dig into key findings from our annual survey of more than 300 security leaders, including the role malware plays in ransomware attacks and the missing piece of incident response.
In honor of SpyCloud’s 6th anniversary, we take a look at how we’re achieving our mission to make the internet a safer place and discuss the future of the fight against cybercrime.
Fraud experts from SpyCloud and Aite-Novarica tackle recent trends, the rise in ATO, synthetic identities, and malware, and how to level the playing field against fraudsters.
A survey of CISOs found key insights on challenges facing top security leaders, including protecting against ransomware, implementing Zero Trust models, and the need for automated solutions.
SpyCloud’s annual analysis of data from the criminal underground tied to Fortune 1000 and FTSE 100 companies offers insights into trends including password security and PII exposure – along with the growing danger of malware-infected devices.
The latest version of PCI DSS standards feature more robust requirements for passwords and authentication. We break down some of the requirements and how they could impact your organization.
Criminals are going omni-channel with Organized Retail Crime. Learn more about this type of fraud and see how the digital and physical worlds can collide to solve ORC cases.
The SpyCloud Research team takes an in-depth look at anti-detect browsers and how they are being leveraged alongside stolen credentials and cookies to bypass MFA and easily log into targeted accounts.
Dictionaries, combolists, rainbow tables…We explain the terms used within online “cracking communities” and what they mean for us as defenders.
See why Gartner thinks we’re a Cool Vendor – and more about how we’re applying breach data to new use cases beyond ATO prevention.
The cost of a data breach in the healthcare industry is now at an all-time high: $7.13M. Roy Mellinger, former Anthem CISO, shares his perspective & lessons learned from their 2015 breach – takeaways that are relevant for security leaders from all industries.
Confused by the lastest NIST password guidelines? We’ve condensed the recommendations from NIST into an easy-to-follow guide to help you protect your employee and consumer accounts. Plus, learn how SpyCloud’s newest offering can help.
Here’s what you need to know about popular cracking tools including Vertex, Sentry MBA, SNIPR, and OpenBullet, along with custom and target-specific account checkers – plus how you can protect your users and yourself from attacks.
Displaced darknet communities have found a new home on Discord. See what’s being sold and traded – and learn what to do if you happen to come across these activities.
The alleged credential “leaks” of Zoom accounts were created using textbook credential stuffing attacks & old compromised 3rd-party databases. See how Zoom responded to what we discovered.
Since early April, attackers have compromised 160,000 Nintendo accounts. SpyCloud researchers have identified source code for an account checker tool that was custom-built to target Nintendo customers.
SpyCloud researchers have compiled, enriched, and analyzed a list of over 136,000 hostnames and fully qualified domain names with COVID-19 or coronavirus themes from a variety of publicly-available feeds.
For employees working from home, how does our new (hopefully) temporary situation introduce risk, including data theft? Password security is more critical than ever.
We were able to tie more than 412 million breach assets within the SpyCloud database to employees within the Fortune 1000, providing a snapshot of the breach exposure affecting major enterprises.
Cybercriminals are profiting off of coronavirus fears. SpyCloud summarizes 9 tactics security professionals should be aware of.
Ransomware attacks against local governments and utilities continue to pile up, and hackers are putting pressure on victims by threatening to leak data to the public domain.
Understand MFA implementation and adoption challenges and learn steps you can take to strengthen its effectiveness.
SpyCloud researchers have obtained and analyzed a set of over 515,000 Telnet credentials and IP addresses associated with vulnerable hosts that were leaked on a popular criminal forum.
Our 2020 report shows that password reuse continues to be a serious problem, leaving enterprises and their customers vulnerable to account takeover (ATO).
Periodic forced password changes are frustrating for users and counterproductive for security. Here’s why they’ll go the way of the dinosaurs in 2020.
SpyCloud’s latest product offering helps you reduce your risk of a data breach by monitoring your third party relationships for breach exposures and sharing that data to aid remediation efforts.
To commemorate National Cybersecurity Awareness month, we’re sharing 9 practical tips from enterprise CISOs on how to increase participation in security awareness programs.
The largest dark markets may have been seized, but they always seem to persist. Fortunately, they’re run by humans and humans make mistakes.
SpyCloud has released a new & improved version of Active Directory Guardian that makes it easier for organizations to align with NIST password guidelines and reset exposed passwords automatically.
According to a recent study, many security leaders are focused on the wrong risks. Account takeover is a primary risk that deserves more attention.
Our survey of IT security leaders found organizations are investing in layers of defense against authentication-based attacks, but it still isn’t enough. Here we discuss the issues with passwords, passkeys, and MFA + additional steps beyond these measures security teams can take to close the gaps in their defenses.
Financial services institutions are searching for a more effective solution to prevent consumer account takeover, awarding SpyCloud Best in Show at Digital Banking 2019.
BYOD has its benefits, but it can also have serious implications. Learn how to defend your organization from the risks.
Lower-tier criminals are taking over fast food accounts to reap hot and fresh rewards–on your dime. By now you’ve probably heard us talk at length
To laymen, the strange lexicon surrounding password security only makes the topic less approachable. What is a salt? What is a hash? And better yet,
We recently announced $21 million in new capital led by M12, Microsoft’s venture fund. Here’s how we plan to grow.
2018 was a busy year for hackers. Interested to see just how busy, our annual credential exposure report breaks all the breaches down by the numbers.
Just how big was the so called Collections #1 “superbreach”? Turns out it was only 1 of 7 totalling more than 8B username and password records, and we’ve got the data on all the records.
This year, credit card fraud is down even though millennials are scoring more deals online. Here’s what that means for your organization.
Weak or reused passwords still pose a huge risk factor for account takeover but as newer authentication techniques evolve, criminals are adapting.
Credential stuffing attacks are on the rise. Learn more about how they’re done and what you can do to protect your organization.
Business email compromise (BEC), has been used to defraud businesses out of over $3 billion. Know what to look for in these types of scams.
Old exposed passwords can do harm long after the initial compromise. Learn why you should be looking at old data, too.
Corporate account takeover is growing at an alarming rate. Find out what you should and shouldn’t do to prevent it.
Do you ever wonder how the dark web works? Do you know what tools provide protection from what can happen in the dark web? We’ll break it down.
In a recent phishing attack, men around the globe are receiving a realistic email that could cost them thousands if they fall for it.
New markets on the dark web represent a shift in how underground goods are bought and sold. What does history have to say about how new markets will fare?
Greater than 950 percent YoY rise in revenue indicates ATO prevention is a high priority for enterprises.
As CISO, your job may keep you up at night worrying about your employees’ and customers’ leaked credentials. There’s plenty to worry about, but you can take proactive steps to find more restful sleep.
Curious about the main takeaways at this year’s RSA Conference? David Endler, president and co-founder of SpyCloud offers his take.
Think your account takeover prevention strategies give you 100% protection? We’ll show you why you should be skeptical.
Verizon released this year’s data breach report and not surprisingly, stolen credentials top the list. SpyCloud evaluates the findings with recommendations to every organization.
Passwords need not be hard to remember. They just need to be hard to guess. NIST sets forth new guidelines to make creating strong passwords a bit easier.
What Is ATO and Why Should You Care? Because of widespread password reuse, Account Takeover (ATO) attacks have become an extremely lucrative business for cybercriminals.
2017 was a busy year for hackers. Interested to see just how busy, our annual credential exposure report breaks all the breaches down by the numbers.
We’ve been asked to provide our point of view regarding 4iQ’s recent article advertised as “Largest Credential Breach Exposure”.
As early deal-hunters strategize ahead of Black Friday and Cyber Monday, so too, are cyber criminals strategizing to exploit the fact that security teams will be taking time off.
Over 28 million records were compromised as a result of the Taringa breach. See what your organization can do to ensure you’re not next.
We’re pleased to announce that SpyCloud has won the “Best of Show” award at Finovate Fall 2017!
SpyCloud welcomes two cybersecurity industry veterans to the team!
SpyCloud, pioneers in breach discovery and credential recovery, showcased its solution at the 2017 FinovateFall conference.
SpyCloud expands their team by adding Alen Puzic as Chief Technology Office, and Jason Lancaster as Director of Security Research.
CyberDefenses Inc. new Credential Tracking Service (CTS) integrates SpyCloud’s early-warning breach technology into its existing solution.
Custom-built “cracking” tools are making it easier than ever for criminals to automate credential stuffing.
SpyCloud announces that it is coming out of stealth mode, after receiving $2.5 Million is seed funding.
We’re proud to share that SpyCloud was the only US winner of the NATO Innovation Challenge. The challenge is aimed at accelerating transformational, state-of-the-art technology solutions in support of NATO’s cyber capabilities.
Our development team is constantly pumping out new features, and we’re excited to highlight one that our customers have been asking for: Recent Records Alerts!
We had a great time exhibiting at the 2017 RSA cybersecurity conference in San Francisco, meeting new friends and reconnecting with many security industry brethren.
2130 S Congress Ave
Austin, Texas 78704
Call: 1-800-513-2502.
©2023 SpyCloud Inc.
All Rights Reserved
