TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

ESET WeLiveSecurity

Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture

2025-12-04 · Read original ↗

ATT&CK techniques detected

4 predictions
T1078Valid Accounts
99%
“employee ’ s password and encrypted critical systems. identity threats at a glance the risks posed by identity compromise are amplified by several other factors. least privilege is a critical best practice whereby individuals are given just enough access privileges to perform the…”
T1110.003Password Spraying
96%
“on their outsourced it helpdesk. - data breaches targeting password databases held by organizations or their outsourcers can be another valuable source of credentials for threat actors. like infostealers, these end up on cybercrime forums for sale and onward use. - brute - force …”
T1078Valid Accounts
41%
“that must be centrally managed. finally, there ’ s the threat from partners and suppliers to consider. that could mean an msp or outsourcers with access to your corporate systems, or even a software supplier. the bigger and more complex your physical and digital supply chains are…”
T1078Valid Accounts
32%
“phishing, privileges and passwords : why identity is critical to improving cybersecurity posture what do m & s and co - op group have in common? aside from being among the uk ’ s most recognizable high street retailers, they were both recently the victims of a major ransomware br…”

Summary

Identity is effectively the new network boundary. It must be protected at all costs.