See how cybercriminals are bypassing Google Chrome’s App-Bound Encryption feature with infostealer malware to steal session cookies that can be used in session hijacking attacks.
Google announced a new feature called Device Bound Security Credentials (DBSC) for Chrome. Learn how it affects cookie theft and session hijacking.
SpyCloud researchers break down the risk combolists provide to enterprises and security teams combating stolen credentials and how cybercriminals are still leveraging this age-old tactic.
With the shift from passwords to passkeys, security posture stands a chance at optimization. But it’s still susceptible to compromise. We examine how.
Passwordless authentication feels like all the rage these days but it doesn’t come without its own challenges.
We explore two-factor authentication (2FA) and multi-factor authentication (MFA) and why these added layers of security are critical to protecting your organization.
Our survey of IT security leaders found organizations are investing in layers of defense against authentication-based attacks, but it still isn’t enough. Here we discuss the issues with passwords, passkeys, and MFA + additional steps beyond these measures security teams can take to close the gaps in their defenses.
The problem of password reuse demands a new framework for credential security – one in which users are blocked from choosing passwords that have ever been exposed.
With stolen credentials being the #1 entry point for cybercriminals, password security has never been more critical. We offer five tips for stronger passwords for users and enterprises alike.
The latest version of PCI DSS standards feature more robust requirements for passwords and authentication. We break down some of the requirements and how they could impact your organization.
We’d like to believe that passwords are just a hop-skip-jump away from being obsolete but the truth is, we’re still not quite ready for a passwordless world.
Increased adoption of MFA is a good thing for cybersecurity, especially as remote work grows in popularity – and preference – but humans remain the weakest link.
Ransomware has reached crisis levels across all business sectors and across the globe. What’s fueling it? Two words: stolen credentials.
Let’s try something different from the usual losing weight and eating better. Here are 5 tips for stronger passwords in 2021.
MFA keeping you up at night? It probably should. Check out these common MFA bypass techniques and why another layer of account protection is necessary.
Many years’ worth of accumulated best practices have mostly helped strengthen Active Directory security, but a few long-standing beliefs about enforcing password policies are actually outdated.
Confused by the lastest NIST password guidelines? We’ve condensed the recommendations from NIST into an easy-to-follow guide to help you protect your employee and consumer accounts. Plus, learn how SpyCloud’s newest offering can help.
The alleged credential “leaks” of Zoom accounts were created using textbook credential stuffing attacks & old compromised 3rd-party databases. See how Zoom responded to what we discovered.
Understand MFA implementation and adoption challenges and learn steps you can take to strengthen its effectiveness.
To laymen, the strange lexicon surrounding password security only makes the topic less approachable. What is a salt? What is a hash? And better yet,
Just how big was the so called Collections #1 “superbreach”? Turns out it was only 1 of 7 totalling more than 8B username and password records, and we’ve got the data on all the records.
Credential stuffing attacks are on the rise. Learn more about how they’re done and what you can do to protect your organization.
Old exposed passwords can do harm long after the initial compromise. Learn why you should be looking at old data, too.
Think your account takeover prevention strategies give you 100% protection? We’ll show you why you should be skeptical.
Passwords need not be hard to remember. They just need to be hard to guess. NIST sets forth new guidelines to make creating strong passwords a bit easier.
We’ve been asked to provide our point of view regarding 4iQ’s recent article advertised as “Largest Credential Breach Exposure”.
2130 S Congress Ave
Austin, Texas 78704
Call: 1-800-513-2502
©2024 SpyCloud, Inc. All Rights Reserved
