Credential Theft
highcredential-theft
Attackers steal credentials to gain unauthorized access to systems
SpoofingElevation of Privilege
MITRE ATT&CK techniques
| ID | Name | Tactic |
|---|---|---|
| T1555 | Credentials from Password Stores | Credential Access |
| T1528 | Steal Application Access Token | Credential Access |
Common Weakness Enumeration
Mitigating controls
ctrl-cred-1- Implement multi-factor authentication
ctrl-cred-2- Rotate credentials regularly
ctrl-cred-3- Use secrets management solutions
ctrl-cred-4- Monitor for credential misuse
ctrl-cred-5- Implement credential-less authentication where possible