My friend Alex Bovicelli just shared some excellent insights on the current SMB ransomware wave. If you want to understand the reality of the threat landscape, this video is a must-watch.
Alex explains how companies like Tokio Marine HCC are moving beyond reactive defense. They are using their massive visibility into incidents to focus specifically on the operations of Initial Access Brokers.
He highlights that infostealers have become the primary engine for these brokers. By tracking the data originating from infostealer logs, security teams can identify compromised credentials before they are weaponized. Alex makes a strong case for why focusing on this specific stream of intelligence is the key to getting ahead of these attacks.
It is great to see industry leaders zeroing in on the source of the infection. Check out his full breakdown here:
How Infostealers Industrialize the Brute-Forcing of Corporate SSO Gateways
How Infostealers Industrialize the Brute-Forcing of Corporate SSO Gateways How Infostealers Industrialize the Brute-Forcing of Corporate SSO Gateways Recently, the cybersecurity community was alerted to
February 26, 2026
