October 17, 2023 at 05:54PM
IT administrators are using weak passwords to protect access to portals, leaving enterprise networks vulnerable to cyberattacks. Over 40,000 administrator credentials analyzed had the default password “admin,” showing a lack of strong authentication. Researchers warn that threat actors are targeting privileged users. To defend networks, strong and unique passwords should be used, and additional security measures should be implemented, such as disabling password saving and auto-fill options, checking domains during redirection, and avoiding cracked software.
Meeting Takeaways:
– Security researchers have found that IT administrators are using tens of thousands of weak passwords to protect access to portals, making enterprise networks vulnerable to cyberattacks.
– Out of over 1.8 million administrator credentials analyzed, more than 40,000 entries had the default password “admin,” indicating that IT administrators widely accept this weak password.
– The authentication credentials were collected between January and September of this year using Threat Compass, a threat intelligence solution from cybersecurity company Outpost24.
– The collected data, although not in plain text, could have been easily guessed in a simple password-guessing attack.
– Outpost24 identified a top 20 list of the weakest authentication credentials used for admin portals, highlighting the need for stronger and more unique passwords.
– Admin portals serve various purposes, such as configuration, account and security settings, customer tracking, and database operations.
– Threat actors are targeting privileged users through known and predictable passwords, emphasizing the importance of applying baseline security principles.
– To enhance network defense against info-stealing malware, Outpost24 recommends using an endpoint and detection response solution, disabling password saving and auto-fill options in web browsers, checking domains during redirection, and avoiding cracked software.
Please let me know if there’s anything else you would like me to cover or if you need any further information.