Posts exploring how attackers steal usernames, passwords, and authentication tokens through phishing, keylogging, brute force attacks, and credential stuffing. Includes actionable guidance on multi-factor authentication, password managers, and monitoring for compromised credentials.
posts
In early 2024, a finance employee at a multinational firm in Hong Kong joined a video call with what appeared to be the company's CFO and several colleagues. Every person on the call was a deepfake. The employee transferred $25.6 million to threat actors before anyone realized
In 2023, the FBI's Internet Crime Complaint Center flagged Remote Desktop Protocol (RDP) as one of the top three initial access vectors for ransomware incidents. That wasn't a surprise to anyone who monitors Shodan — the search engine that indexes internet-facing devices. On any given day, you
A Single Misconfigured S3 Bucket Exposed 3 Billion Records In 2023, researchers at Cybernews discovered what they called one of the largest data exposures ever — over 3 billion records sitting in an open cloud storage instance. No sophisticated hack. No zero-day exploit. Just a misconfigured Amazon S3 bucket with public
A Single Misconfigured Bucket Cost Them Everything In 2023, Toyota disclosed that a cloud misconfiguration had exposed the vehicle location data of 2.15 million customers for over a decade. The root cause wasn't a sophisticated threat actor. It was a single storage bucket set to public instead
The Text Message That Cost a Company $15 Million In 2022, Twilio disclosed a breach that started with a simple SMS message. Employees received text messages impersonating the IT department, directing them to a fake login page. Several entered their credentials. That single vector — mobile phishing attacks delivered via text
A few years ago, a journalist filmed himself reading credit card numbers, PINs, and passwords off the screens of commuters on a London train. No malware. No exploit kit. Just a pair of eyes and a decent camera phone. That's a shoulder surfing attack in its simplest form
The CEO Who Wired $47 Million to a Threat Actor In 2016, Austrian aerospace manufacturer FACC lost €42 million (roughly $47 million) after attackers impersonated the company's CEO via email and convinced an employee in the finance department to transfer funds for a fake acquisition project. The CEO
In April 2024, a credentials dump containing over 26 billion records — dubbed the "Mother of All Breaches" — surfaced on dark web forums. LinkedIn, Twitter, Dropbox, Adobe, and hundreds of other platforms were represented. Within weeks, threat actors were using those credentials in automated stuffing attacks against small and
Your Employees' Passwords Are Probably Already There In 2023, the FBI's Internet Crime Complaint Center received over 880,000 complaints with potential losses exceeding $12.5 billion — and a significant share of that activity traces back to credentials and data traded on dark web marketplaces. If you&
In January 2024, a massive dataset known as the "Mother of All Breaches" surfaced containing 26 billion records — credentials scraped, aggregated, and repackaged from hundreds of previous data breaches. Usernames. Passwords. Email addresses. All of it sitting on dark web forums, available to anyone willing to pay. If
