Marcus White

Deployment

Security

Technical

Marcus is a Specops cybersecurity specialist based in the UK. He’s been in the B2B technology sector for 8+ years and has worked closely with products in email security, data loss prevention, endpoint security, and identity and access management.

Articles written by Marcus White

Nov

28

Nine ways MFA can be breached (and why passwords still matter)

Of all the access security recommendations you come across, multi-factor authentication (MFA) is arguably the most consistent. And there’s good reason many best practice recommendations and compliance frameworks now place MFA at the top of the list of security configurations…
Read More
Nov

15

[New research] How tough is bcrypt to crack? And can it keep passwords safe?

Earlier this year, the Specops research team published data on how long it takes attackers to brute force MD5 hashed user passwords with the help of newer hardware. Now we’ll be putting the bcrypt hashing algorithm to the test, to…
Read More
Oct

03

Password reuse: A hidden danger you can’t ignore

Reusing passwords is common, despite years of warnings to end users. It’s a problem that’s difficult for IT teams to get a handle on, especially if people are reusing work passwords at home. This means a breach elsewhere can bring…
Read More
Sep

18

MGM Resorts hack: How attackers hit the jackpot with service desk social engineering

Hotel and entertainment giant MGM Resorts were left reeling in September 2023 after a serious cyber-attack that kicked off with a fraudulent call to their Service Desk. In the days after the attack, they struggled to get systems back online…
Read More
Aug

28

Thinking about going passwordless? Here’s what to consider first.

In 2004, Bill Gates made a bold prediction that passwords would soon be dead. Almost twenty years later, the password is pretty much as prevalent as ever. If you’re here, it’s a question that’s probably crossed your mind too: why…
Read More
Aug

14

British law firms are under attack from ransomware. How should we upgrade our cyber defences?

Law firms across the UK have been given a stark warning in a recent report by the National Cyber Security Centre (NCSC): get serious about upgrading your cyber defences or risk your legally privileged information being stolen by ransomware gangs.…
Read More
Jul

31

Hybrid password attacks: How they work and how to stop them

Cybersecurity measures force threat actors to get creative and come up with new and inventive ways to compromise user credentials. As the name suggests, hybrid password attacks involve combining two or more attack methods to carry out password cracking. Taking…
Read More
Jul

24

Never expire passwords? Why we shouldn’t ditch password expiry just yet.

Resetting passwords via service desk tickets and support calls is an everyday burden on IT teams. Users are equally frustrated when the ‘time to change your password’ notification pops up during a busy work day – especially when they realize…
Read More
Jul

19

Update to GLBA safeguards rule: What you need to know

Financial institutions are at the forefront of cybersecurity challenges due to the sensitive nature of the data they handle. As the frequency and sophistication of cyberattacks increase, so does the need for robust regulatory safeguards, requiring organizations to bolster their…
Read More
Jul

10

Active Directory honeypot accounts: How to keep attackers sweet

Monitoring and detecting account compromise is one of the most challenging tasks for IT admins and SecOps professionals. Once a legitimate account has been compromised, it can be difficult to detect an attacker’s activities until it’s too late and damage…
Read More