Back to Insights
MH

Marcus Hale

Head of Security Research

Marcus leads threat research at train2secure, tracking how breaches and ransomware campaigns unfold and what they reveal about human risk. He has spent over a decade analysing incident data and translating it into practical guidance for security and IT teams.

CISSPGCIH

Articles by Marcus

A photoreal wide-angle shot of a dimly lit enterprise server room at night, rows of glowing rack-mounted servers casting
Breaches

ShinyHunters Breached NAIC via Oracle PeopleSoft Zero-Day — But the Regulator Says the Haul Was Mostly Junk

The National Association of Insurance Commissioners confirms attackers exploited an unpatched vulnerability in an internet-facing PeopleSoft server, while disputing the extortion crew's characterization of what was actually stolen.

A dramatic low-angle shot of a server room corridor at night, rows of blinking rack-mounted servers fading into darkness
Ransomware

The Gentlemen Ransomware Group Ships a Centralized EDR Killer to Every Affiliate

GentleKiller blends signed-driver abuse with a hardcoded hit list of roughly 400 security processes — and every Gentlemen affiliate gets it as standard kit.

Photoreal editorial scene: a glowing digital key dissolving into streams of data inside a dark server room, shallow dept
Breaches

Klue Confirms OAuth Token Theft: Icarus Extortion Group Claims the Attack

The Vancouver-based competitive intelligence platform says attackers stole OAuth tokens and used them to reach customer Salesforce tenants — adding another entry to a growing list of SaaS-to-CRM supply-chain breaches.

A dramatic close-up photoreal editorial scene inside a dark server room bathed in blue and red lighting. In the foregrou
Ransomware

GentleKiller: How The Gentlemen RaaS Group Handed Affiliates a Ready-Made EDR Termination Kit

A May 2024 breach of The Gentlemen ransomware-as-a-service platform exposed the group's 'GentleKiller' framework — a pre-packaged tool that lets low-skill affiliates disable enterprise endpoint detection and response software at the kernel level.

A photoreal close-up editorial scene of a single physical combination padlock sitting on a dark brushed-metal surface, i
Breaches

Dashlane Brute-Force Attack Pulled Encrypted Vaults From Fewer Than 20 Accounts

An unknown actor targeted the 2FA layer on personal-plan accounts on May 31, 2026. The vaults left the server encrypted. Whether they stay that way depends entirely on how strong each user's master password is.

!@
Phishing Awareness

How to Recognise Phishing Emails in 2026

Phishing remains the number one attack vector for cyber criminals. Learn the telltale signs of a phishing email and how to protect yourself and your organisation from these increasingly sophisticated attacks.

A+
Compliance

GDPR Compliance Training Checklist

Ensure your organisation meets GDPR requirements with our comprehensive training checklist. From data handling procedures to breach notification protocols, cover all the essentials.

Ready to Reduce Your Human Cyber Risk?

Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.

train2secure analytics dashboard showing training completion stats and user progress