Source URL: https://www.theregister.com/2025/04/23/stolen_credentials_mandiant/
Source: The Register
Title: Who needs phishing when your login’s already in the wild?
Feedly Summary: Stolen credentials edge out email tricks for cloud break-ins because they’re so easy to get
Criminals used stolen credentials more frequently than email phishing to gain access into their victims’ IT systems last year, marking the first time that compromised login details claimed the number two spot in Mandiant’s list of most common initial infection vectors.…
AI Summary and Description: Yes
Summary: The prevalence of stolen credentials as a primary method for cloud break-ins highlights a significant shift in tactics among cybercriminals, indicating the need for enhanced security measures in cloud environments. This trend serves as a critical reminder for security and compliance professionals to prioritize credential security over traditional email phishing defenses.
Detailed Description: The text reports on findings from Mandiant regarding the methods used by cybercriminals to infiltrate IT systems. The shift toward stolen credentials as a preferred entry point emphasizes vulnerabilities in credential management and the need for robust security postures in cloud environments.
Key points include:
– **Rise in Stolen Credentials**: The use of compromised login details has surpassed phishing attacks for gaining unauthorized access, reflecting a change in cybercriminal strategy.
– **First Time in History**: This is the first time compromised login details have claimed the number two spot in Mandiant's list of most common initial infection vectors, a worrying trend that could have wider implications for security practices.
– **Emphasis on Credential Security**: Organizations must reevaluate their security frameworks to account for this shift, ensuring that they are implementing best practices in credential management.
Practical implications for security and compliance professionals:
– **Strengthening Authentication Mechanisms**: Multi-factor authentication (MFA) should be prioritized to provide an additional layer of security against credential theft.
– **Regular Credential Audits**: Regular reviews of access controls and credential use can help identify exposed or misused credentials before they lead to a breach.
– **User Education**: Ongoing training focused on credential security can significantly reduce the risk associated with stolen credentials.
As the threat landscape continues to evolve, staying informed and adaptive will be crucial for organizations aiming to safeguard their infrastructures against such attacks.