Why We Keep Talking About Password Security?
Apps Unveiled|September 2021
Protecting your credentials is one of the most important things you can do to defend yourself from ransomware and other cyberattacks. There are thousands of articles on password managers, best practices, and multi-factor authentication. Network domains, SaaS applications, and other systems often require complex passwords in the credential set, and even the most basic computer user has been told not to share passwords. So, why are we still talking about this topic?
Christine Barry

The 2021 Verizon Data Breach Investigations Report (DBIR) reveals that threat actors value credentials more than any other data type, including personal data such as Social Security numbers. Stolen credentials can lead to system intrusion, data exfiltration, malware infection, and many types of fraud. The same report finds that 80% of all basic web application attacks and at least 60% of all ransomware attacks rely on stolen credentials or brute force attacks. Credential stuffing attacks are a factor in 23% of security incidents in the organizations monitored for the report.

The most dangerous stolen credentials are those that remain active after they have been stolen. Attackers want to log into the targeted system as authenticated users. This allows them to traverse the systems as an authorized user and often extends the length of time they can hide from intrusion detection. Current credentials are especially important to nation-state actors and big-game hunters.

WAYS CREDENTIALS ARE USED IN CYBERATTACKS

Obsolete credentials may be less valuable, but there are still several ways for attackers to use old login information. This is underscored by the fact that stolen data is almost always sold to other attackers, and larger data sets are often sold at higher prices. Here are a few different ways that credentials are used in cyberattacks:

Unauthorized Access: The most obvious use of a credential set is unauthorized access. Criminals use the login information to access a system and proceed with the attack.

Credential Stuffing: This is an automated attack that attempts to log into web applications by rotating through sets of stolen credentials. It doesn’t matter if the credentials are current or outdated, because the credential set is being used on many different web applications.

Continue reading your story on the app

Continue reading your story in the magazine

MORE STORIES FROM APPS UNVEILEDView All

Why We Keep Talking About Password Security?

Protecting your credentials is one of the most important things you can do to defend yourself from ransomware and other cyberattacks. There are thousands of articles on password managers, best practices, and multi-factor authentication. Network domains, SaaS applications, and other systems often require complex passwords in the credential set, and even the most basic computer user has been told not to share passwords. So, why are we still talking about this topic?

5 mins read
Apps Unveiled
September 2021

Sleep Technology: How Can It Help Fight Insomnia

Do you ever wake up in the morning feeling groggy, sluggish, and almost as if you didn’t get any rest at all? It’s more common than you might think. Sleep technology that monitors sleep quality oversleep quantity might be your answer to helping you understand how to feel more restful and energized in the morning.

3 mins read
Apps Unveiled
September 2021

Bring The Best Of Google To Your iPhone 13

Just got the new iPhone 13? Check out the following tips, recommended to help you bring the best of Google to iOS.

1 min read
Apps Unveiled
September 2021

Google introduced two new tools that make Android phone even more accessible for people with speech and motor disabilities

Every day, people use voice commands, like “Hey Google,” or their hands to navigate their phones. However, that’s not always possible for people with severe motor and speech disabilities.

3 mins read
Apps Unveiled
September 2021

Biotech startup SweetBio and VC firm VamosVentures received funding through Apple's Racial Equity and Justice Initiative

Two years ago, Lauro Salvador injured his foot in a work accident, but for the 55-year-old diabetic, his ordeal was far from over.

4 mins read
Apps Unveiled
September 2021

Google Photos Now Offers New Sizes, Delivery Options For Your Ordered Prints

The team at Google Photos is currently busy rolling out larger photo print sizes, a new option to get your prints delivered right to your door and new canvas print sizes, so there are even more ways to print your favorite pictures.

1 min read
Apps Unveiled
August 2021

Threat Spotlight: Ransomware Trends

Ransomware attacks have surged in 2021, with the number of attacks increasing dramatically and ransom amounts continuing to skyrocket. Cybercriminals are also expanding their targets, shifting their focus to our critical infrastructure and evolving into deep-rooted software supply chain attack campaigns, which can cause long-lasting devastation.

6 mins read
Apps Unveiled
August 2021

4 New Apps In The Headlines

Mastodon for iPhone | Grain | Rainmaker - Fantasy Gaming | NDHGO

10 mins read
Apps Unveiled
August 2021

Microsoft acquired Clipchamp, a browser-based Video Editing app

Small business owners, marketers, influencers, students, educators, families, and information workers of all types need the capability to make great videos with minimal effort.

1 min read
Apps Unveiled
August 2021

Facebook partnered with Gurugram-based Indifi Technologies to offer collateral-free loans to SMEs

In partnership with Indifi, Facebook has recently announced the launch of its “Small Business Loan Initiative” programme for SMEs in India.

1 min read
Apps Unveiled
August 2021