Tag

Credential Theft Prevention

Addresses the tactics attackers use to steal login credentials and the countermeasures organizations can deploy. Topics include multi-factor authentication, credential monitoring, dark web surveillance, secure authentication protocols, and employee awareness training.

Phishing Awareness

How to Spot Phishing Emails: 9 Red Flags to Catch Now

The Email That Cost MGM Resorts $100 Million

In September 2023, a single social engineering attack — starting with a phone call but rooted in the same deception principles as phishing emails — led to a breach at MGM Resorts that cost the company over $100 million. The threat actors behind the

Carl B. Johnson Dec 13, 2025 7 min read

Fake Emails

Fake Emails: How to Spot Them Before They Cost You

In May 2024, the FBI's Internet Crime Complaint Center reported that business email compromise — a category built almost entirely on fake emails — accounted for over $2.9 billion in adjusted losses in a single year. That figure dwarfed ransomware losses by a factor of nearly 50. And those

Carl B. Johnson Dec 13, 2025 7 min read

Removed Legitimate Software

Removed Legitimate Software: How Attackers Exploit Trust

The Trojan Horse You Already Installed

In March 2024, a lone developer named Andres Freund noticed something odd: SSH connections were taking 500 milliseconds too long. That curiosity uncovered the XZ Utils backdoor — a sophisticated supply chain attack where a threat actor had spent two years building trust as a

Carl B. Johnson Dec 13, 2025 6 min read

Fake Mailer

Fake Mailer Attacks: How Threat Actors Spoof Email

In January 2024, the FBI's Internet Crime Complaint Center reported that business email compromise — much of it powered by spoofed sender addresses — cost American organizations over $2.9 billion in 2023 alone. Behind a huge share of those losses sits a deceptively simple tool: the fake mailer. These

Carl B. Johnson Nov 06, 2025 6 min read

Spear Phishing vs Phishing

Spear Phishing vs Phishing: What Actually Gets People

A $37 Million Wire Transfer Started with One Email

In 2024, a finance employee at a multinational firm joined what appeared to be a legitimate video call with the company's CFO. It was a deepfake. The attackers had spent weeks gathering intelligence — org charts, communication styles, ongoing projects

Carl B. Johnson Sep 22, 2025 7 min read

Business Email Compromise

Business Email Compromise: The $2.9B Threat in 2025

In December 2024, a finance employee at a multinational firm in Hong Kong wired $25 million after a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The real CFO had never scheduled the meeting. This

Carl B. Johnson Sep 22, 2025 7 min read

Password Security Best Practices

Password Security Best Practices That Actually Work

The Breach That Started With a Single Reused Password

In January 2024, a credential stuffing attack hit genetic testing giant 23andMe, ultimately exposing the personal data of approximately 6.9 million users. The root cause wasn't some exotic zero-day exploit. It was customers reusing passwords they'd

Carl B. Johnson Jun 15, 2025 7 min read

Password Manager Benefits

Password Manager Benefits That Stop 80% of Breaches

The Breach That Started With "Company2024!"

In January 2024, the password "admin" was still the most common credential found in data breaches according to NordPass research. That same year, the Verizon 2024 Data Breach Investigations Report confirmed that stolen credentials were involved in over 77% of

Carl B. Johnson Jun 15, 2025 7 min read