Marcus White

Deployment

Security

Technical

Marcus is a Specops cybersecurity specialist based in the UK. He’s been in the B2B technology sector for 8+ years and has worked closely with products in email security, data loss prevention, endpoint security, and identity and access management.

Articles written by Marcus White

Feb

25

Healthcare cybersecurity: How to prevent password sharing

In the high-stakes world of healthcare, where every second counts and patient care is paramount, the temptation to share passwords can seem like a minor shortcut. Professionals in the healthcare industry can find themselves navigating a delicate balance between ensuring…
Read More
Feb

17

Incident response: Responding to credential-based cyber-attacks

Credential-based attacks are popular with hackers due to the ease of purchasing compromised passwords online. When credentials are compromised, the potential for significant damage is high, as attackers can gain access to sensitive data, manipulate systems, and move laterally within…
Read More
Feb

12

The power of love and breached passwords

When analyzing breached passwords from the Specops database, we often turn up some surprising trends and insights. For example, the unexpected prevalence of the word "love" in passwords and its significance across different languages and cultures. We'll take a look…
Read More
Feb

04

AI arms race: How AI will be used by cyber-attackers (and defenders)

It’s no surprise that AI’s explosive growth in the last five years has also greatly expanded the need for sophistication and preparation from security threats. While artificial intelligence presents new challenges, machine learning and neural networks also expand security teams’…
Read More
Jan

21

[New research] Learn what 1 billion+ malware-stolen credentials mean for your 2025 security to-do list

The Specops research team have launched the 2025 Breached Password Report, which contains analysis of over 1 billion malware-stolen passwords. The launch of the report also coincides with the latest addition of over 210 million compromised passwords to the Specops Breached Password…
Read More
Jan

14

The future of passwords: Emerging technologies and trends

While some experts keep predicting their demise, the reality is that passwords aren’t going anywhere soon — they remain at the heart of how we secure our digital world. New security tools are emerging, but they're working alongside passwords, not replacing them.…
Read More
Jan

07

Credential-based attacks: Key types, how they work, and defense strategies

Credential-based attacks remain a significant threat to organizations of all sizes. According to the Verizon Data Breach Investigations Report (DBIR), lost or stolen credentials are the most common way for cybercriminals to gain initial access to systems. Google Cloud said…
Read More
Dec

06

How to build a PCI-compliant password policy

The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines designed to protect cardholder data and ensure that organizations handling payment card information maintain a secure environment. Among its many requirements, PCI DSS places significant emphasis…
Read More
Nov

12

[New research] How well does SHA256 protect against modern password cracking

The Specops research team have previously published data on how long it would take for hackers to brute force hashed user passwords. We set up hardware to test two different algorithms: MD5 hashed passwords and bcrypt hashed passwords. Now, we’ll…
Read More
Oct

28

TfL forced to manually reset 30K passwords after cyber-attack – is there an easier way?

In early September 2024, Transport for London (TfL) found itself at the epicenter of a sophisticated cyber-attack. As the news broke, the scale of the breach became apparent, leading to operational disruptions and the need for an immediate, robust response.…
Read More