Skip to Content

Tag: Credential Compromise

Azure AD: Auto Validate Exposed Credentials

SearchLight customers can now automatically validate credential alerts via an integration with Azure AD, drastically reducing the time required to triage. As your organization’s digital footprint grows and grows, so does the opportunity for exposure of your organization’s credentials. Credential exposure is a high-priority issue, preventing attackers from accessing your systems or selling this access […]

Four Ways to Validate Credentials in SearchLight

Amid the billions of credentials that are breached each year, security teams are focused on one core question: do any of these breached passwords really provide access to my company’s systems? That is precisely why, in July, we announced the first of our automated actions – the ability to validate credentials in SearchLight. In this […]

Validate Exposed Credentials with Okta to Save Even More Time

SearchLight customers can now automatically validate credential alerts via an integration with Okta, drastically reducing the time required to triage.  You may have seen our recent research report, which discovered that there are more than 15 billion credentials exposed online. Since we published that report in June, that number has actually increased by another billion.  […]

SearchLight’s Credential Validation: Only Focus on What Matters

Of the many use cases associated with threat intelligence and digital risk protection, monitoring for exposed credentials is always one of the most popular.  It’s easy to see why. The average business user has 191 passwords and, unfortunately, 65% of users reuse the same password for multiple accounts or all accounts. With more than 15 […]

Four New Year Cyber Security Resolutions

Another year is upon us in the world of cyber-security, and few things are certain. Commentators are always prone to hyperbole: I remember in late 2017 reading claims that, “2017 was the year cyber nukes were dropped in the ocean, in 2018 they will hit land”. While, thankfully, nothing equating to a cyber nuke surfaced […]

Sextortion 2.0: A New Lure

Back in September we released a blog about the large volume of sextortion email campaigns that were hitting people’s inboxes. We have continued to monitor the campaigns and have seen a recent change in tactics, with some unusual approaches being favoured by the sextortionists this time around.   Cisco ASA vulnerability lure – too long; didn’t […]

Cyber Security Awareness Month: Week 4 – Privacy

This week in Brussels, Apple’s chief executive Tim Cook somewhat surprisingly castigated how personal data is handled by businesses and organizations. Aside from praising Europe’s General Data Protection Regulation (GDPR) and calling for similar measures to be brought to the U.S., Cook warned of how our data was being “weaponized against us with military efficiency”. […]

Cyber Security Awareness Month: Week 1 – Credential Hygiene

It’s the opening week of the annual National Cyber Security Awareness Month (U.S.) and Cyber Security Month (Europe). While good security shouldn’t be something we only think about on one month of the year, it’s a good opportunity to educate the general public about the importance of information security. For practitioners and organizations, it’s also […]