Best Practice B-04: Exposing the Dangers of Poor Password Management With Security Intelligence

The continued effectiveness of certain threat actor tools is in part due to poor password hygiene. There is no honour among thieves, and some of these tools have been cracked, allowing any interested cybercriminal to use them at a cheaper price than offered by the original seller — or even completely free. Checkers and brute forcers are among these popular tools sold and shared on the criminal underground to validate credentials quickly and easily. This presentation draws on expert research to share insight into checkers and brute forcers that facilitate threat actor campaigns, and explains how security intelligence empowers organisations to defend against malicious attacks, strengthen password management, and prevent threat actors from capitalising on password reuse.