Mr.

PayPal Breach 2023: Tip of the Iceberg

By Steve ToutJanuary 24, 20232FA, Account Takeover Attacks, CredVerify, Exposed Data, leaked passwords

The PayPal breach of 2023 reminds us that 2FA isn’t a silver bullet and that credential security matters more than ever.

The Antidote for the LastPass password vault breach

By Steve ToutDecember 29, 2022Account Takeover Attacks, Exposed Data, ITDR, leaked passwords

The scale of the recent LastPass breach is so large, changing all the passwords isn’t the most practical or realistic solution.

VeriClouds Integrates with Ping Identity’s DaVinci to Enable Stronger Authentication and Stop Account Takeover Attacks

By Steve ToutOctober 19, 2022Connectors, Identity Threat Management, ITDR, Webinar

VeriClouds is pleased to announce that we will be launching CredVerify for Ping Identity’s PingOne DaVinci. The integration provides Ping customers with an integrated and systematic approach to automated detection and remediation of stolen and compromised credentials.

The Thing About Uber’s Data Breach

By Steve ToutSeptember 16, 20222FA, Authentication, compromised credentials, CredVerify

If an MFA prompt comes before entering in a password or is “passwordless” and doesn’t require one at all, then that needs to be called out as an ineffective security posture as well.

The Business Case for ITDR

By Steve ToutSeptember 14, 2022Cloud Security, Identity Threat Management, ITDR, Webinar

Hear VeriClouds founder and CEO, Stan Bounev, and Traceable AI CSO Richard Bird discuss how organizations should be thinking about and acting on ITDR with greater urgency.

Identity Threat Protection for the Enterprise

By Steve ToutNovember 4, 2018Cloud Security, Credential Monitoring

I received a handful of inquires today in response to Okta’s PassProtect announcement, so instead of copying and pasting a canned reply to my friends and colleagues, I thought I’d make a quick post with some of my thoughts. First of all, congrats to the Okta team for recognizing the value of breach notification and […]

How VeriClouds is Different (and better) than Have I Been Pwned

By Steve ToutSeptember 8, 20182FA, Authentication, Cloud Security, compromised credentials, Credential Monitoring, CredVerify, Dark Web, Identity Threat Management, leaked passwords, Online Account Secuirty, Risk Management, VeriClouds GDPR MaterialsHave I Been Pwned, HIBP

I am frequently asked about how VeriClouds Identity Threat Protection is any different than the free service Have I Been Pwned (HIBP). As the world’s obsession with whether they have been pwned or not became more obsessive and more compulsive, my team at VeriClouds was busy building the next generation credential monitoring and verification platform. […]

Compromised credentials a national security risk

By Steve ToutNovember 2, 2017CredMonitor, National Security

Each week we hear new reports of mega data breaches, and more often than not, compromised passwords are involved.1 By at least one report, the number of compromised records skyrocketed past 6 billion in the first half of 20172, a 6x increase from 2016. With the scope and frequency of data breaches increasingly and steadily […]

The Value of Leaked Credentials Intelligence In The Face of GDPR

By Steve ToutMay 10, 2017Cloud Security, Exposed Data, Online Account Secuirty, VeriClouds GDPR Materialsaccount takeover attack, gdpr, leaked credentials, password reuse

In late March of this year, Apple and its customers were hit with a startling demand: pay a ransom to a group calling itself The Turkish Crime family, or face having millions of iPhones, iPads and Macs remotely erased. It all turned out to be a bit of a hoax because The Turkish Crime Family […]

Author Archives: Steve Tout

We Accept Only Business Email Addresses – No Free or ISP Email Addresses