Credential-based Attacks

Law firms across the UK have been given a stark warning in a recent report by the National Cyber Security Centre (NCSC): get serious about upgrading your cyber defences or risk your legally privileged information being stolen by ransomware... Read More

Cybersecurity measures force threat actors to get creative and come up with new and inventive ways to compromise user credentials. As the name suggests, hybrid password attacks involve combining two or more attack methods to carry out password cracking.... Read More

Compromising login credentials is the goal of many modern cyber-attacks. If successful, they can result in the worst types of data breaches, especially when high-level accounts are breached. One of the oldest and most common methods for guessing a... Read More

Monitoring and detecting account compromise is one of the most challenging tasks for IT admins and SecOps professionals. Once a legitimate account has been compromised, it can be difficult to detect an attacker’s activities until it’s too late and... Read More

A domain administrator account is the holy grail of privileged accounts in a Microsoft Active Directory environment. If an attacker can get their hands on a Domain Administrator account in the domain, they’ll have access to basically everything. Kerberoasting... Read More

User credentials are golden prizes for attackers. Weak or breached credentials provide an easy target for attackers looking to log in to a network instead of breaking in. Most businesses have caught on to the fact that multi-factor authentication... Read More

The Specops research team is publishing new data on how long it takes attackers to brute force guess user passwords with the help of newer hardware. They’ve been specifically looking at passwords protected by the popular MD5 hashing algorithm.... Read More