{“lastseen”:”2025-08-21T11:09:26″,”description”:”\\n\\nAs security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks**often aren’t from cutting-edge exploits, but from cracked credentials and compromised accounts**. Despite widespread awareness of this threat vector, Picus Security’s **Blue Report 2025** shows that organizations continue to struggle with **preventing password cracking attacks** and **detecting the malicious use of compromised accounts**.\\n\\nWith the first half of 2025 behind us, **compromised valid accounts remain the most underprevented attack vector** , highlighting the urgent need for a **proactive approach focused on the threats that are evading organizations’ defenses.**\\n\\n## A Wake-Up Call: The Alarming Rise in Password Cracking Success\\n\\nThe **Picus Blue Report** is an annual research publication that analyzes how well organizations are preventing and detecting real-world cyber threats. Unlike traditional reports that focus solely on threat trends or survey data, the Blue Report is based on **empirical findings from over 160 million attack simulations** conducted within organizations’ networks around the world, using the **Picus Security Validation Platform**.\\n\\nIn the **Blue Report 2025** , Picus Labs found that **password cracking attempts succeeded in 46% of tested environments** , nearly doubling the success rate from last year. This sharp increase highlights a fundamental weakness in how organizations are managing \u2013 or mismanaging \u2013 their password policies. **Weak passwords** and **outdated hashing algorithms** continue to leave critical systems vulnerable to attackers using **brute-force** or **rainbow table attacks** to crack passwords and gain unauthorized access.\\n\\nGiven that password cracking is one of the **oldest and most reliably effective attack methods** , this finding points to a serious issue: in their race to combat the latest, most sophisticated new breed of threats,**many organizations are failing to enforce strong basic password hygiene policies while failing to adopt and integrate modern authentication practices into their defenses**.\\n\\n\\n\\n### **Why Organizations Are Failing to Prevent Password Cracking Attacks**\\n\\nSo, why are organizations still failing to prevent password cracking attacks? The root cause lies in the **continued use of weak passwords** and **outdated credential storage methods**. Many organizations still rely on easily guessable passwords and weak hashing algorithms, often without using proper salting techniques or multi-factor authentication (MFA).\\n\\nIn fact, our survey results showed that **46% of environments** had at least one password hash cracked and converted to cleartext, highlighting the inadequacy of many password policies, particularly for **internal accounts** , where controls are often more lax than they are for their external counterparts.\\n\\nTo combat this, organizations must **enforce stronger password policies** , **implement multi-factor authentication (MFA) for all users** , and **regularly validate their credential defenses**. Without these improvements, attackers will continue to compromise valid accounts, obtaining easy access to critical systems.\\n\\n### **Credential-Based Attacks: A Silent but Devastating Threat**\\n\\nThe threat of **credential abuse** is both pervasive and dangerous, yet as the**Blue Report 2025** highlights, organizations are still **underprepared** for this form of attack. And once attackers obtain valid credentials, they can **easily move laterally** , **escalate privileges** , and **compromise critical systems**.\\n\\n**Infostealers** and **ransomware groups** frequently rely on stolen credentials to **spread across networks** , burrowing deeper and deeper, often **without triggering detection**. This **stealthy movement** within the network allows attackers to **maintain long dwell times** , undetected, while they **exfiltrate data at will**.\\n\\nDespite this ongoing and well-known issue, organizations continue to prioritize perimeter defenses, often leaving **identity and credential protection** overlooked and under-funded as a result. This year’s Blue Report clearly shows that **valid account abuse** is at the core of modern cyberattacks, reinforcing the urgent need for a stronger focus on **identity security** and **credential validation**.\\n\\n\\n\\n### **Valid Accounts (T1078): The Most Exploited Path to Compromise**\\n\\nOne of the key findings in the Blue Report 2025 is that **Valid Accounts (MITRE ATT \\u0026CK T1078)** remains the **most exploited attack technique** , with a truly concerning **98% success rate**. This means that once attackers gain access to valid credentials, whether through **password cracking** or **initial access brokers** , they can swiftly move through an organization’s network, often bypassing traditional defenses.\\n\\nThe use of **compromised credentials** is particularly effective because it allows attackers to **operate under the radar** , making it harder for security teams to detect malicious activity. Once inside, they can **access sensitive data** , **deploy malware** , or **create new attack paths** , all while seamlessly blending in with legitimate user activity.\\n\\n### **How to Strengthen Your Defenses Against Credential Abuse and Password Cracking**\\n\\nTo protect against increasingly effective attacks, organizations should **implement stronger password policies** and enforce **complexity requirements** , while eliminating outdated hashing algorithms in favor of more secure alternatives. It is also essential to **adopt multi-factor authentication (MFA)** for all sensitive accounts, ensuring that even if credentials do become compromised, attackers can’t just use them to access the network without an additional verification step.\\n\\nRegularly validating **credential defenses** through **simulated attacks** is crucial to identifying vulnerabilities and ensuring that your controls are performing as expected. Organizations also need to **enhance their behavioral detection capabilities** to catch **anomalous activities** tied to credential abuse and lateral movement.\\n\\nAdditionally, monitoring and inspecting **outbound traffic** for signs of **data exfiltration** and ensuring that **data loss prevention (DLP) measures** are both in place and operating effectively are critical to protecting your sensitive information.\\n\\n### **Closing the Gaps in Credential and Password Management**\\n\\nThe findings in the Blue Report 2025 show that, unfortunately, many organizations are still vulnerable to the silent threat of **password cracking** and **compromised accounts**. And while strengthening perimeter defenses continues to be a priority, it’s also clear that **core weaknesses lie in credential management and internal controls**. The report also highlighted the fact that **infostealers** and **ransomware groups** are leveraging these gaps effectively. \\n\\nIf you’re ready to take proactive steps to **harden your security posture** , **reduce your exposure** , and **prioritize your critical vulnerabilities** , the **Blue Report 2025** offers invaluable insights to show you where to focus. And at **Picus Security** , we’re always happy to talk about helping your organization meet its specific security needs..\\n\\n**Don’t forget to get your copy ofThe Blue Report 2025** and take proactive steps today to improve your security posture.\\n\\nFound this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2025-08-21T10:50:00″,”modified”:”2025-08-21T10:50:19″,”type”:”thn”,”title”:”Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025″,”source”:””,”references”:””,”id”:”THN:77682B0396E302DBFA6C3F6C540F7EC3″,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2025\/08\/weak-passwords-and-compromised-accounts.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-08-21T11:09:26″,”description”:”\\n\\nAs security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks**often aren’t…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,13,33,7,11,43,5],"class_list":["post-13839","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n