22 Apr
2020
22 Apr
'20
7:45 p.m.
On 22. Apr 2020, at 19.14, Michael Peddemors michael@linuxmagic.com wrote: The three most common attack vectors, (and attack volumes have never been higher) are:
- Sniffed unencrypted credentials (Assume every home wifi router and CPE equipment are compromised ;)
- Re-used passwords where data is exposed from another site's breach (Users WANT to re-use passwords, this is where 2FA shines)
- Weak Passwords (Users like using weak passwords, so implement password restrictions)
Actually by far the biggest source of stolen credentials is viruses/trojans harvesting them.
Sami