Tag: infostealer
-
The $1 Million Password: How One Infostealer Campaign Exposed the Gap Between Enterprise Security Rhetoric and Reality
One criminal leveraged old stolen passwords and a lack of multi-factor authentication (MFA) to quietly breach roughly 50 large enterprises—showcasing that the weakest link in cloud security is not technology, but basic governance and accountability. This campaign, run by a threat actor known as Zestix or Sentap, is a case study in how organizations can…
-
The $262 Million Security Theater: How MFA Failures and Three‑Year‑Old Passwords Fueled a Global Infostealer Breach
A single criminal campaign has exposed a structural weakness at the heart of modern enterprise security: organizations are spending heavily on advanced tools while still allowing three‑year‑old stolen passwords to unlock terabytes of their most sensitive data. Over roughly a year, a threat actor known as Zestix (aka Sentap) quietly breached about 50 global enterprises…
-
How One Access Broker Quietly Breached Dozens of Global Enterprises—And Exposed the Limits of Traditional Security
A single criminal operating under the aliases Zestix and Sentap has quietly breached dozens of major global enterprises not by exploiting advanced zero‑day vulnerabilities, but by doing something far simpler: logging in with valid usernames and passwords stolen from employees’ own devices. This campaign exposes a fundamental weakness in modern corporate security strategies—an overreliance on…