Organizational Security Posture Effectiveness Declines by 38% Due to COVID

Remote workforces, insecure devices, a lack of multi-factor authentication, and a lack of user education all add up to a security nightmare for the average organization today.

WARNING: Americans’ Password Habits are Horrible, Putting Organizations at Risk

New data shows the average American uses short, uncomplicated, and often predictable passwords, practices which only increase the insecurity of corporate user accounts.

Researchers Discover Most Microsoft 365 Admins Don't Enable Multi-Factor Authentication

Researchers from CoreView recently discovered that 97% of all total Microsoft 365 users do not utilize multi-factor authentication (MFA). A staggering 78% of Microsoft 365 admins do not ...

[NEW BOOK] Hacking Multi-Factor Authentication

I’m excited to announce the release of my 12th book, Hacking Multifactor Authentication.

Cybersecurity Awareness Month Weekly Tip: Password Security

Each week during Cybersecurity Awareness Month, we’re going to be sharing in-depth weekly cybersecurity tips from our evangelists to help your users make smarter security decisions and ...

Phishing Campaign Goes After AT&T Employees’ MFA Codes

A phishing campaign is targeting AT&T employees and contractors with a well-crafted fake login page, according to Luke Leal at Sucuri. The phishing page is a near-exact replica of ...

Credential Stuffing to Stuff the Ballot Box

Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...

Credential Stuffing Used Against Financial Services

A security alert from the FBI warns that hackers are launching credential-stuffing attacks against organizations in the financial sector, ZDNet reports.

CISA’s Advice on Countering Phishing

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory on best practices to thwart email-based phishing attacks. The ...

Are Account Takeovers Driving Towards a Passwordless Future?

The bad guys will try to take over accounts all the time. Logging onto someone's account with their credentials is usually a whole lot easier than trying to compromise the website ...