Password still top threat
New research from the WatchGuard Threat Lab shows the emergence of the Mimikatz credential-stealing malware as a top threat and the growing popularity of brute force login attacks against web applications. The research also reveals that 50% of government and military employee LinkedIn passwords, largely from the US, were weak enough to be cracked in less than two days, underscoring the reality that passwords alone can’t offer sufficient protection and the need for multi-factor authentication (MFA) solutions. WatchGuard’s Internet Security Report (https://) for Q2 2018 explores the latest security threats affecting small to midsize businesses (SMBs) and distributed enterprises.
“Authentication is the cornerstone of security and we’re seeing overwhelming evidence of its critical importance in the common trend of password- and credential-focused threats throughout Q2 2018,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies. “Whether it’s an evasive credential-stealing malware variant or a brute force login attack, cyber criminals are laser-focused on hacking passwords for easy access to restricted networks and sensitive data. Every organization should seek out vendor and solution provider partners that offer layered protection against these ever-evolving attack techniques.”
At WatchGuard, these trends are driving new innovative defences within our product portfolio, including AuthPoint, its Cloud-based multi-factor authentication solution and our IntelligentAV service that leverages three malware detection engines to prevent malware strains that evade traditional signature-based antivirus products.
The insights, research and security best practices included in WatchGuard’s quarterly Internet Security Report are designed to help organisations of all sizes understand the current cyber security landscape and better protect themselves, their partners and customers from emerging security threats.