Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Anthropic’s new Claude feature is quietly selling you on AI

    July 13, 2026

    Sri Lanka’s AI adoption shows technical depth despite lagging global rankings

    July 13, 2026

    Galaxy Z Flip 8 may be the final Galaxy Z Flip phone, another leak says

    July 13, 2026
    Facebook X (Twitter) LinkedIn
    Trending
    • Anthropic’s new Claude feature is quietly selling you on AI
    • Sri Lanka’s AI adoption shows technical depth despite lagging global rankings
    • Galaxy Z Flip 8 may be the final Galaxy Z Flip phone, another leak says
    • Samsung profits jump 1,800% as AI boom drives chip sales
    • BOC empowers Dambana indigenous community through digital payments
    • Cryptocurrency not legal tender but taxable: Dy. Minister
    • Dialog Introduces Dialog Pay, Unifying Connectivity, Payments and Financial Services
    • SLASSCOM Quality Summit 2026 highlights QA’s pivotal role in shaping future of AI-driven innovation
    Facebook X (Twitter) LinkedIn
    Techie.LKTechie.LK
    Demo
    • Home
    • Local
      1. AI & Machine Learning
      2. Consumer Tech
      3. Cybersecurity
      4. Enterprise Tech
      5. Fintech & Digital Payments
      6. GovTech & e-Governance
      7. Legal & Regulatory Tech
      8. Science & Innovation
      9. Startups & Venture
      10. Telecom & Connectivity
      Featured

      BOC empowers Dambana indigenous community through digital payments

      By Techie.lkJuly 13, 20260
      Recent

      BOC empowers Dambana indigenous community through digital payments

      July 13, 2026

      Cryptocurrency not legal tender but taxable: Dy. Minister

      July 13, 2026

      Dialog Introduces Dialog Pay, Unifying Connectivity, Payments and Financial Services

      July 7, 2026
    • International
      • AI & Machine Learning
      • Consumer Tech
      • Cybersecurity
      • Enterprise Tech
      • Fintech & Digital Payments
      • GovTech & e-Governance
      • Legal & Regulatory Tech
      • Science & Innovation
      • Startups & Venture
      • Telecom & Connectivity
    • Interviews
    • Profiles
    • Analysis
    • Contributors
    • Podcasts
    • More
      • About Us
      • Contact Us
    Techie.LKTechie.LK
    Home»International»Despite robust security measures, credential abuse techniques remain the most effective attack method
    International

    Despite robust security measures, credential abuse techniques remain the most effective attack method

    Techie.lkBy Techie.lkMay 28, 2026Updated:May 31, 2026No Comments0 Views
    Facebook Twitter LinkedIn WhatsApp Reddit Tumblr Email
    Despite robust security measures, credential abuse techniques remain the most effective attack method
    Adversary techniques conversion Kaspersky
    Share
    Facebook Twitter LinkedIn

    According to a recent global report by Kaspersky Security Services, password guessing and valid account misuse rank among the most effective tactics used by cyber criminals in 2025. This trend reflects a strategic shift, as attackers move away from triggering endpoint protection with noisy malware, in preference of leveraging legitimate access to evade detection.

    The ‘Anatomy of a Cyber World’ is an in-depth global report based on data gathered from Kaspersky Managed Detection and Response (MDR), Incident Response (IR), Compromise Assessment and SOC Consulting in 2025. It covers the most common adversary techniques, tools and detection scenarios and highlights the peculiarities of detected incidents.

    Despite robust security measures, credential abuse techniques remain the most effective attack method
    Adversary techniques conversion Kaspersky

    According to the report, a significant portion of the most frequently monitored attack techniques revolves around credentials and identity management. This analysis, which examines the conversion rates of various Indicators of Attack (IoA), highlights the following prevalent malicious tactics:

    Password guessing – 34.8pct. This technique entails attackers systematically trying different passwords until successfully gaining access to an account. It tops the conversion list due to its occurrence in both actual attacks and authorized security assessments, making it a persistent threat in today’s cybersecurity landscape. Organizations who rely on weak or reused passwords continues to enable this age-old strategy.

    Local account creation – 34.7pct. Once inside a system, attackers frequently create new local accounts to maintain access even if their original foothold is discovered and removed. This technique is frequently observed during security exercises and can be detected — but only with the right telemetry in place, which is often lacking.

    Valid account abuse – 34.5pct. Instead of deploying malware, attackers log in using stolen or compromised credentials and simply blend in with normal user activity. This makes detection significantly harder, as the access itself appears legitimate. The high conversion rate underscores why compromised credentials remain one of the most dangerous attack vectors.

    Account manipulation – 32pct. Attackers modify existing accounts to consolidate access such as by activating disabled accounts, altering group memberships, or escalating privileges. This reinforces the broader pattern — rather than introducing new tools, adversaries deepen their control using what is already there.

    Network service discovery – 31.2pct. Before moving deeper into a network, attackers typically scan for open services and systems they can reach. This reconnaissance step is a strong predictor of what follows: lateral movement and further exploitation. Detecting it early provides security teams a critical window to intervene.

    The report ranks attacker techniques by how frequently observed activity ultimately resulted in confirmed malicious incidents. According to Kaspersky experts, while MITRE ATT&CK® catalogs a vast number of adversary techniques, effective detection requires prioritizing behaviors with the highest probability of malicious intent while avoiding excessive false positives.

    “Threat actors do not always need sophisticated malware to achieve their objectives. In many cases, legitimate administrative tools and compromised accounts remain the fastest and most effective way to move inside an organization while avoiding detection. The continued popularity of these techniques shows that organizations need deep visibility into attacker behavior and the ability to correlate suspicious activity across different stages of an attack. To address these challenges, companies can enhance their security with our solutions: Kaspersky Managed Detection and Response and Incident Response which cover the entire incident management cycle – from threat detection to continuous protection and remediation,” comments Sergey Soldatov, Head of Security Operations Center at Kaspersky.

    To learn more about attacker tactics and techniques, the characteristics of detected incidents and their distribution across regions and industry sectors, read the full report.

    Share. Facebook Twitter LinkedIn
    Techie.lk
    • Website

    Related Posts

    Galaxy Z Flip 8 may be the final Galaxy Z Flip phone, another leak says

    July 13, 2026

    Samsung profits jump 1,800% as AI boom drives chip sales

    July 13, 2026

    Apple adds new popup for AI features that send data to Google Cloud

    July 7, 2026
    Leave A Reply Cancel Reply

    Demo
    Top Posts

    Sri Lanka’s USD 2.5 Million Cyber Fraud: Investigations Underway as Questions Emerge Over Payment Process

    April 23, 20268

    Sampath Bank and Apartner Bring Digital Payments to Sri Lanka’s Growing Condominium Sector

    March 16, 20268

    Moose Fan App gains significant traction throughout T20 World Cup

    March 12, 20267

    LankaPropertyWeb Unveils “Apartment Finder”: A Game-Changer in the Real Estate Market

    March 10, 20266
    Don't Miss
    AI & Machine Learning

    Anthropic’s new Claude feature is quietly selling you on AI

    By Techie.lkJuly 13, 20264

    At a time when AI backlash and data center protests are making headlines, Anthropic’s Claude is rolling out a…

    Sri Lanka’s AI adoption shows technical depth despite lagging global rankings

    July 13, 2026

    Galaxy Z Flip 8 may be the final Galaxy Z Flip phone, another leak says

    July 13, 2026

    Samsung profits jump 1,800% as AI boom drives chip sales

    July 13, 2026
    Stay In Touch
    • Facebook
    • Twitter
    • LinkedIn

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Demo
    About Us
    About Us

    Your source for the lifestyle news. This demo is crafted specifically to exhibit the use of the theme as a lifestyle site. Visit our main page for more demos.

    We're accepting new partnerships right now.

    Email Us: techielkeditor@gmail.com
    Contact: +94 77 328 0773

    Facebook X (Twitter) LinkedIn
    Our Picks

    Anthropic’s new Claude feature is quietly selling you on AI

    July 13, 2026

    Sri Lanka’s AI adoption shows technical depth despite lagging global rankings

    July 13, 2026

    Galaxy Z Flip 8 may be the final Galaxy Z Flip phone, another leak says

    July 13, 2026
    Most Popular

    Sri Lanka’s USD 2.5 Million Cyber Fraud: Investigations Underway as Questions Emerge Over Payment Process

    April 23, 20268

    Sampath Bank and Apartner Bring Digital Payments to Sri Lanka’s Growing Condominium Sector

    March 16, 20268

    Moose Fan App gains significant traction throughout T20 World Cup

    March 12, 20267
    © 2026 Techie. Designed by NIKO.
    • Terms & Conditions
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.