Compromised Credentials: 7 Ways to Fight Credential Attacks


92% of cyber security & app development professionals reported to Axiad that they’re worried about compromised credentials stemming from phishing social engineering attacks. Here’s what you can do to strengthen your organization and its secrets against credential attacks.  

Credential attacks are a growing issue. Earlier this year, Microsoft Tweeted in a series of five messages that Russian hackers used “a variety of password spray, brute-force, and token theft techniques” and “session replay attacks to gain initial access to cloud resources leveraging stolen sessions likely acquired via illicit sale.” These attacks use residential proxy services to hide where the attacks are coming from.

This is just one example of some of the credential attacks we’re seeing against organizations. There are many others occurring virtually every day, as cybercriminals increasingly try to get their hands on as many compromised credentials as possible. In fact, Verizon reports in its 2023 Data Breach Investigations Report (DBIR) that 86% of web application attacks involve the use of compromised credentials.

Microsoft released a patch in March to address the security issue described above, but recently (June 21) posted that there’s been an increase in these types of credential attack activities targeting “governments, IT service providers, NGOs, defense industry, and critical manufacturing.”

So, what can businesses do to fight back against attackers who want compromised credentials and harden their security against credential attacks?

Let’s hash it out.

The post Compromised Credentials: 7 Ways to Fight Credential Attacks appeared first on Hashed Out by The SSL Store™.


Article link

Buy SSL/TLS Certificate