The upward trend of credential use as an initial access vector highlights the need for organizations to move beyond human-reliant authentications.
“Adversaries continue to wager on improper credential hygiene across enterprises to carry out their attacks,” IBM Security X-Force researchers said in a blog.
Valid, compromised credentials are also a hot commodity in the cybercrime marketplace, accounting for the vast majority, almost 90%, of assets for sale on the dark web, the report found.