© Morey J. Haber 2020
M. J. HaberPrivileged Attack Vectorshttps://doi.org/10.1007/978-1-4842-5914-6_2

2. Privileges

Morey J. Haber1 
(1)
Heathrow, FL, USA
 
Today, privileges based on credentials are one of the lowest-hanging fruits in the attack chain. They are currently the easiest method for a threat actor to own a resource and, ultimately, the entire environment. These threats include
  1. 1.

    Insiders having excessive and unmonitored access to accounts, opening the potential for misuse and abuse

     
  2. 2.

    Insiders that have had their accounts compromised through successful phishing, social engineering, or other tactics

     
  3. 3.

    Accounts that have been compromised as the result of weak credentials, passwords, devices, and application models, allowing attackers to compromise ...

Get Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial