A domain administrator account is the holy grail of privileged accounts in a Microsoft Active Directory environment. If an attacker can get their hands on a Domain Administrator account in the domain, they’ll have access to basically everything. Kerberoasting... Read More
Credential-based Attacks
Categories
MFA prompt bombing: How it works and how to stop it
User credentials are golden prizes for attackers. Weak or breached credentials provide an easy target for attackers looking to log in to a network instead of breaking in. Most businesses have caught on to the fact that multi-factor authentication... Read More
[New Research] Best Password Practices to Defend Against Modern Cracking Attacks
Today, the Specops research team is publishing new data on how long it takes modern attackers to brute force guess user passwords with the help of newer hardware. This data with the latest addition of over 15 million compromised... Read More
What are password mask attacks?
Mask attacks are a targeted brute-force technique used by bad actors to crack passwords. Traditional brute-force attacks systematically try every possible combination of letters, numbers, and symbols to guess a target password. With mask attacks, the goal is to... Read More
Microsoft adds phishing protection to Windows 11
With the recent release of Windows 11 version 22H2, Microsoft has introduced some new capabilities that are designed to protect users against phishing attacks. These phishing protection features are designed to prevent users from making some of the mistakes... Read More
[New Data] Attackers Are Using These Passwords to Attack the RDP Port Right Now
The Specops Breached Password Protection List Tops 3 Billion Unique Compromised Passwords from Live Attack Data and Leaked Lists Today, the Specops Software research team is sharing the results of our analysis on what passwords are being used to... Read More
Ransomware attacks continue to rage on government entities
Ransomware attacks are on the rise and target businesses across many industries and sectors. Government entities are also on the radar of ransomware gangs and have been the subject of many high-profile ransomware attacks. Governmental entities have been a... Read More
How to recover from a ransomware attack
It is arguably one of the most dreaded words for any organization today – ransomware. Ransomware can bring a bustling, thriving, profitable business to its knees in hours. The aftermath can lead to a ripple effect of lost revenue,... Read More
SolarWinds hack explained: Weak password “solarwinds123” cause of SolarWinds Hack
When you look at many of the high-profile breaches that have taken place in recent years, many of them had a common denominator – weak or compromised passwords. Weak passwords are easily compromised and can lead to significant breach... Read More
Ransomware attack types: Ransomware Attacks 101 – from Wannacry to Darkside
Think of ransomware attacks as virtual kidnapping. Ransomware actors use encryption to hold your devices’ functions and files hostage or lock you out of your system. Then they request a ransom for its release. These actors are mostly motivated... Read More