Compromised Credentials, Account Takeover, and Intelligence-Driven Password PoliciesVisibility into the Illicit Communities where Credentials are Leaked
As the methods used by threat actors to steal credentials evolve and leaked data is readily available online, defenders are at an ongoing disadvantage and increasingly vulnerable to account takeover, fraud, and misuse.
Flashpoint's Evelyn French, Senior Analyst I, Tactical Monitoring, and Ian Gray, Director of Threat Intelligence, Americas, examine how visibility into the illicit communities where credentials are leaked can help organizations establish or refine password policies.
This video highlights:
- Sources: The various cybercrime communities where threat actors solicit, share, and sell password information
- Lifecycle: How quickly breached credentials are acquired and made available on illicit communities, how long they are circulated and at what price, and how the threat actors who purchase these credentials attempt to monetize them
- Economy: How brute force software is developed, what VPS and proxies are preferred by threat actors, and the division of labor between actors acquiring credentials and those conducting exploitation and monetization
- Evolution:How credentials are changing, from username password to cookies, secret questions, API keys, and cryptographic signatures