November Security Roundup | Sidestepping Authentication in a Passwordless World

Since the launch of our Ransomware Defense Report in September, continued research now shows that nearly a third – or 30% – of ransomware events were preceded by an infostealer malware infection this year. If that number feels like a pretty strong warning sign – we agree .

Keep reading for our latest ransomware research and other insights, like considerations when making the transition to passwordless, what we’re seeing with regards to mobile malware and specific infostealers, what to expect with holiday fraud trends, as well as product integration updates.

Wishing you an uneventful and pleasant start to the holiday season,

– Your friends at SpyCloud

Passwords are still a primary security measure for many of our digital touchpoints, but it’s no secret that they aren’t the most secure form of authentication. Fortunately, the cybersecurity landscape is shifting to a passwordless future – with passkeys offering the promise of tighter security. But if we’ve learned anything from the past, it’s that cybercriminals are pretty good at adapting to change. As we move toward a passwordless digital society, adversaries are finding new avenues to exploit, and challenging even the most sophisticated authentication systems. This whitepaper breaks down:

• Details about passkeys and their benefits.
• How cyber criminals are using passwordless authentication to their advantage, including the rising threat known as session hijacking.
• Guidelines on how to defend against next-generation authentication bypass techniques.

Get a copy of the whitepaper now >>

TRENDING

Prevalence of LummaC2 Infostealer Skyrockets

In just 6 months, SpyCloud research shows a 2000% surge in the LummaC2 infostealer. Learn more about what it is, what it can do, and what it means for security teams.

The Rise of Mobile Malware

What is mobile malware? Learn more about the alarming rise of mobile malware, and what your team can do to prevent and combat this growing threat.

IN OTHER NEWS

[On-Demand] Ransomware Reality Check: The New Landscape

Our team of experts shared the most important takeaways from the 2023 Ransomware Defense Report, and everything you need to know about how to defend against next-gen ransomware tactics.

Google is Killing Your Passwords, and Security Experts Are (Mostly) Happy About It

Google is making progress on making passwords a thing of the past. This article breaks down the benefits of passkeys as well as the challenges and potential risks, discussed by Trevor Hilligoss, Sr. Director of Security Research at SpyCloud.?

How Criminals Plan to Exploit Your Customers' Stolen Data this Holiday Season

Criminals are ramping up to take advantage of retailers and their customers' accounts during peak holiday shopping season. Here’s what ecomm businesses should have on their radar.

PRODUCT SPOTLIGHT

Teaming up with Microsoft: SpyCloud + Sentinel ?and Security Copilot

• Our integration for Microsoft Sentinel is now live in the Azure marketplace, enabling you to triage incidents directly within Sentinel using our built-in playbooks for high-severity breach and malware records. Explore the Sentinel integration. ?
• We're also working with Microsoft to help shape Security Copilot, their upcoming AI-powered product that will integrate with Sentinel and Defender for faster incident response - more soon! Read the Microsoft press release.

Upcoming Events

• CCN Cert Madrid, Spain Nov 29-Dec 1
• DoDIIS Portland, OR Dec 12-14

Have you been exposed?

Ignorance isn't bliss. Know immediately if your domain has stolen data circulating in the criminal underground with a simple search. Check your exposure today.