© Morey J. Haber 2020
M. J. HaberPrivileged Attack Vectorshttps://doi.org/10.1007/978-1-4842-5914-6_2

2. Privileges

Morey J. Haber1 
(1)
Heathrow, FL, USA
 
Today, privileges based on credentials are one of the lowest-hanging fruits in the attack chain. They are currently the easiest method for a threat actor to own a resource and, ultimately, the entire environment. These threats include
  1. 1.

    Insiders having excessive and unmonitored access to accounts, opening the potential for misuse and abuse

     
  2. 2.

    Insiders that have had their accounts compromised through successful phishing, social engineering, or other tactics

     
  3. 3.

    Accounts that have been compromised as the result of weak credentials, passwords, devices, and application models, allowing attackers to compromise ...

Get Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.