-
Passwork 7: Self-hosted password and secrets manager for enterprise teams
Passwork 7 unifies enterprise password and secrets management in a self-hosted platform. Organizations can automate credential workflows and test the full system with a free trial and up to 50% Black Friday savings.
- November 26, 2025
- 05:12 AM
0
-
Code beautifiers expose credentials from banks, govt, tech orgs
Thousands of credentials, authentication keys, and configuration data impacting organizations in sensitive sectors have been sitting in publicly accessible JSON snippets submitted to the JSONFormatter and CodeBeautify online tools that format and structure code.
- November 25, 2025
- 07:01 AM
4
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Kerberoasting in 2025: How to protect your service accounts
Kerberoasting attacks let hackers steal service account passwords and escalate to domain admin, often without triggering alerts. Specops Software shares how auditing AD passwords, enforcing long unique credentials, and using AES encryption can shut these attacks down early.
- November 13, 2025
- 10:02 AM
- 0
-
5 reasons why attackers are phishing over LinkedIn
Attackers are increasingly phishing over LinkedIn to reach executives and bypass email security tools. Push Security explains how real-time browser protection detects and blocks phishing across apps and channels as users load malicious pages.
- November 10, 2025
- 10:01 AM
- 0
-
Lost iPhone? Don’t fall for phishing texts saying it was found
The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials.
- November 09, 2025
- 10:12 AM
- 0
-
Why password controls still matter in cybersecurity
Passwords still matter — and weak policies leave the door wide open. Specops Software explains how longer passphrases, smarter banned-password lists, and adaptive rotation strategies can strengthen security without frustrating users.
- October 31, 2025
- 10:02 AM
- 0
-
Google disputes false claims of massive Gmail data breach
Google was once again forced to announce that it had not suffered a data breach after numerous news outlets published sensational stories about a fake breach that purportedly exposed 183 million accounts.
- October 27, 2025
- 04:32 PM
- 2
-
How to reduce costs with self-service password resets
Password resets account for nearly 40% of IT help desk calls, costing orgs time and money. Specops Software's uReset lets users securely reset passwords with flexible MFA options like Duo, Okta, and Yubikey while enforcing identity verification to stop misuse.
- October 24, 2025
- 10:06 AM
- 0
-
SonicWall VPN accounts breached using stolen creds in widespread attacks
Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials.
- October 13, 2025
- 11:58 AM
- 0
-
Your Service Desk is the New Attack Vector—Here's How to Defend It.
Service desks are prime targets. A practical, NIST-aligned workflow for help desk user verification that stops social engineering without slowing support. Learn how role- & points-based verification workflows stop attackers cold.
- October 02, 2025
- 10:00 AM
- 0
-
How secure are passkeys, really? Here's what you need to know
Passwords are weak links—88% of breaches involve stolen creds. Learn more from Specops Software about how passkeys deliver phishing resistance, simpler logins & lower support costs (with some hurdles to adoption).
- September 25, 2025
- 10:02 AM
- 0
-
PyPI urges users to reset credentials after new phishing attacks
The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials.
- September 24, 2025
- 09:15 AM
- 0
-
Why attackers are moving beyond email-based phishing attacks
Phishing isn't just email anymore. Attackers now use social media, chat apps & malicious ads to steal credentials. Push Security explains the latest tactics and shows how to stop multi-channel phishing where it happens — inside the browser.
- September 22, 2025
- 10:01 AM
- 0
-
Target-rich environment: Why Microsoft 365 has become the biggest risk
Microsoft 365's dominance and tight integration makes it a massive target in today's cyber landscape. Its tight integration expands the attack surface and amplifies risk. Learn from Acronis TRU why backup blind spots & lateral movement risks demand stronger defenses.
- September 18, 2025
- 10:02 AM
- 0
-
Plex tells users to reset passwords after new data breach
Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases.
- September 08, 2025
- 09:03 PM
- 1
-
Beyond GDPR security training: Turning regulation into opportunity
Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture.
- August 26, 2025
- 10:00 AM
- 0
-
Microsoft 365 'Direct Send' abused to send phishing as internal users
An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email security and steal credentials.
- June 26, 2025
- 09:00 AM
- 3
-
Can users reset their own passwords without sacrificing security?
Self-service password resets (SSPR) reduce helpdesk strain—but without strong security, they can open the door to attackers. Learn why phishing-resistant MFA, context-aware verification, and risk-based detection are critical to secure SSPR implementation.
- June 20, 2025
- 10:01 AM
- 0
-
Webinar: Stolen credentials are the new front door to your network
Cybercriminals no longer need zero-days to breach your systems—these days, they just log in. Join BleepingComputer, SC Media, and Specops Software's Darren Siegel on July 9 at 2:00 PM ET for a live webinar on how attackers are using stolen credentials to infiltrate networks and how you can stop them.
- June 19, 2025
- 12:33 PM
- 0
-
ChainLink Phishing: How Trusted Domains Become Threat Vectors
Phishing has evolved—and trust is the new attack vector. ChainLink Phishing uses real platforms like Google Drive & Dropbox to sneak past filters and steal credentials in the browser. Watch Keep Aware's on-demand webinar to see how these attacks work—and how to stop them.
- June 18, 2025
- 10:02 AM
- 0
