Security Pros and Black Hats Agree on Most Tempting Targets

  /     /     /  
Publicated : 23/11/2024   Category : security

Security Pros and Black Hats Agree on Most Tempting Targets


Malicious actors look for accounts that are springboards to other systems, according to nearly 300 attendees of Black Hat USA.


While black hat hackers and IT security professionals operate on different sides of the fence, a survey conducted at Black Hat USA in Las Vegas last month indicates that they concur on one important point: domain administrator and service accounts make tempting targets for attack.
The survey, conducted by Thycotic, included 300 individuals, of which the majority — 80% — identified themselves as security professionals or white hat hackers. The rest self-identified as black hats, grey hats, or other. Overall, 59% of all of the respondents see domain admin accounts as a highly desirable target while 44% say that service accounts are juicy bullseyes.
White hats and security pros cited service accounts (24%) and domain admin accounts (26%) as the most vulnerable targets, and black- and grey hat hackers preferred domain admin accounts (33%), root accounts (30%), and service accounts (20%).
Service accounts, which are used to perform maintenance functions or allow processes to communicate among themselves, are targeted because its easy to elevate privileges and then spread malicious activity to other accounts, according to the survey. These accounts also tend to have static user names and passwords associated with them. More than half (53%) of IT pros say they rotate those passwords no more than once a month.
For more, read
here
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Security Pros and Black Hats Agree on Most Tempting Targets