Tag: Password security

Credential stuffing is a type of cyberattack where attackers use stolen username and password combinations, often obtained from previous data breaches, to gain unauthorized access to multiple online accounts. The attacker automates the process of trying these combinations across various websites,...

There are some things you want to keep private such as your bank account number, government ID number, etc. In the digital age, that includes the passwords that protect these accounts because once your account credentials are compromised, cybercriminals can get that information. That is why...

In the wake of escalating cyber-attacks and data breaches, the ubiquitous advice of "don't share your password" is no longer enough. Passwords remain the primary keys to our most important digital assets, so following password security best practices is more critical than ever. Whether you're...

Even as more advanced forms of authentication, such as biometrics, are developed and implemented, passwords continue to be a commonly used form of authentication. This is partly due to the fact that they are relatively simple to implement and require little infrastructure to support. However, the...

One critical way that attackers gain access to an IT environment and escalate their privileges is by stealing user password hashes and cracking them offline. We covered a method for harvesting service account passwords in our post on Kerberoasting. Here we will explore a technique that works...

Learning how attackers target weak domain account passwords is not enough for Active Directory security. Let’s look beyond domain accounts and understand the ways adversaries attack local accounts on Windows servers and desktops.  For this post, we will focus on the most important local account:...

Group Managed Service Accounts Overview The traditional practice of using regular user accounts as service accounts puts the burden of password management on users. As a result, the account passwords often stay the same for years — which leaves them highly susceptible to brute force attacks and...

What is WDigest? Digest Authentication is a challenge/response protocol that was primarily used in Windows Server 2003 for LDAP and web-based authentication. It utilizes Hypertext Transfer Protocol (HTTP) and Simple Authentication Security Layer (SASL) exchanges to authenticate. At a high...

Passwords are everywhere — and nobody likes them. For users, they are a pain to remember and manage. For businesses, they continue to be a primary source of data breaches, both on premises and in the cloud. In fact, the 2022 Verizon DBIR reports that credential theft was involved in nearly half...

Knowing the credentials for any user account in your network gives an adversary significant power. After logging on as a legitimate user, they can move laterally to other systems and escalate their privileges to deploy ransomware, steal critical data, disrupt vital operations and more. Most...