1 / 15

Három gyors kérdés

This article highlights the alarming trend of stolen credentials and vulnerabilities being shared and exploited by hacker communities. It discusses the mushroom effect of stolen credentials, the sale of vulnerabilities, and the potential risks to organizations. Additionally, it explores the window of exposure and the need for proactive measures to mitigate the risk. The article also addresses the implications for PR and brand reputation.

herndona
Download Presentation

Három gyors kérdés

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Három gyors kérdés

  2. 2018. május, forrás: Spycloud

  3. 2019.04.05 , forrás: Spycloud.com

  4. Team shares stolen credentials within their community Mushroom Effect Stolen credentials used in combo lists Team buys vulnerability. Org is breached. Credentials are stolen. Hacker discovers vulnerability Team sells credentials in underground Day0 Day500 Day2 Thousands of Attackers Hundreds of Attackers 1 Attacker Team of Attackers Friends of Attack Team

  5. Spycloud 2019.04.05: 22 milliárd account 18 milliárd jelszó, 11,000 forrásból

  6. ATO Timeline Team buys vulnerability. Org is breached. Credentials are stolen. Havulnerabilitycker discovers Team sells credentials in underground Breach “might” become public HUMINT to recover stolen data Scanners “might” pick up the stolen credentials Hacker sells vulnerability ATOs begin! Day0 Day800 Day501 Day500 Day3 Day2 Day4 Day1 EXPOSURE WINDOW EXPOSURE WINDOW EXPOSURE WINDOW

  7. https://www.ncia.nato.int/NewsRoom/Pages/170404-NITEC17-Innovation-Challenge.aspxhttps://www.ncia.nato.int/NewsRoom/Pages/170404-NITEC17-Innovation-Challenge.aspx

  8. Forrás: Verizon2018 Data Breach Investigations Report

  9. http://cdn.chiefmartec.com/wp-content/uploads/2016/03/marketing_technology_landscape_2016_3000px.jpghttp://cdn.chiefmartec.com/wp-content/uploads/2016/03/marketing_technology_landscape_2016_3000px.jpg

  10. Passwordreuse - credentialstuffing https://spycloud.com/the-anatomy-of-credential-stuffing/

  11. „43% of all logins seen by Akamai were attempts to log in to an account using password guessing or account details gathered from elsewhere on the Internet.” https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q4-2017-state-of-the-internet-security-report.pdf

  12. PR, Brand kockázat?

More Related