Head of Security Research
Marcus leads threat research at train2secure, tracking how breaches and ransomware campaigns unfold and what they reveal about human risk. He has spent over a decade analysing incident data and translating it into practical guidance for security and IT teams.

The National Association of Insurance Commissioners confirms attackers exploited an unpatched vulnerability in an internet-facing PeopleSoft server, while disputing the extortion crew's characterization of what was actually stolen.

GentleKiller blends signed-driver abuse with a hardcoded hit list of roughly 400 security processes — and every Gentlemen affiliate gets it as standard kit.

The Vancouver-based competitive intelligence platform says attackers stole OAuth tokens and used them to reach customer Salesforce tenants — adding another entry to a growing list of SaaS-to-CRM supply-chain breaches.

A May 2024 breach of The Gentlemen ransomware-as-a-service platform exposed the group's 'GentleKiller' framework — a pre-packaged tool that lets low-skill affiliates disable enterprise endpoint detection and response software at the kernel level.

An unknown actor targeted the 2FA layer on personal-plan accounts on May 31, 2026. The vaults left the server encrypted. Whether they stay that way depends entirely on how strong each user's master password is.
Phishing remains the number one attack vector for cyber criminals. Learn the telltale signs of a phishing email and how to protect yourself and your organisation from these increasingly sophisticated attacks.
Ensure your organisation meets GDPR requirements with our comprehensive training checklist. From data handling procedures to breach notification protocols, cover all the essentials.
Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.
