Navigation section
credential abuse
About this tag
Credential abuse is a common initial access technique used by threat actors, including Russian Foreign Intelligence Service (SVR) cyber actors, to compromise networks. On WindowsForum.com, discussions cover how attackers exploit stolen or weak credentials to gain unauthorized access, often as part of broader cyber operations targeting government, think tank, and policy organizations. Topics include best practices for network defenders to detect and prevent credential abuse, such as implementing multi-factor authentication, monitoring for anomalous logins, and enforcing strong password policies. The tag focuses on real-world threats and mitigation strategies relevant to Windows and enterprise IT environments.
-
AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
Original release date: April 26, 2021 Summary The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29...- News
- Thread
- active directory apt29 cloud exploitation credential abuse cyber defense cyber exploitation cyber operations intrusion detection malware multi-factor authentication network security security security best practices solarwinds svr threat intelligence vps hosting wellmess zero-day
- Replies: 0
- Forum: Security Alerts