2. Israel
Saudi Arabia
Belgium
China
Bangladesh
North Korea
Iran
UK
CYBERARK
2
CREDENTIALS THEFT PAST
Lockheed Martin
Social engineering on RSA and
compromised third party
credentials
US
OPM Breach
The attacker manipulated third
party credentials to gain initial
foothold and compromise PII and
fingerprints
SWIFT attack
The bank’s SWIFT credentials
were compromise and used to
transfer money.
DUQU 2
The malware utilized a
vulnerability in the Kerberos
authentication protocol to
escalate privileges.
https://medium.com/@LaviLazarovitz_56453/brief-history-of-credentials-theft-1a9bb669a9a2
3. CREDENTIALS THEFT NOW
CYBERARK
3
Third Party Credentials
The security of your network is as strong as
your weakest trusted partner
Dirty Networks
Privileged credentials are compromised
in trusted contaminated machines
S.a.a.T – Security as a Target
Security personal and security controls
are used to take control of the network