Credential Dumping

Credential dumping is a type of cyber attack where a computer is breached and usernames and passwords are obtained by the attacker. This can be harmful if it happens to your personal computer, but it can be absolutely devastating if an attacker is able to perform credential dumping on a computer that is a part of a larger network.

This hacking technique is implemented after a computer has been breached by the attacker. Usernames and passwords are extremely valuable to cybercriminals and can be used to acquire sensitive information as well as to gain access to admin and other privileged account credentials and other computers on a network.

After gaining access to a computer, a hacker will perform credential dumping by gaining access to the cache of passwords that are stored in your computer s memory. For user convenience, operating systems and browsers have the ability to save usernames and passwords and then automatically fill in your login information to sites and programs you frequent. Unfortunately, this convenience has come at a cost and can leave your information more vulnerable to credential theft and dumping.

Mimikatz

One of the most common tools used to perform credit dumping is Mimikatz. This piece of code was created by Benjamin Delphy in 2007 in order to demonstrate a flaw in the security system of Windows. His code was successful and convinced Windows to eventually fix the flaw, and Mimikatz continued to be used for penetration and security testing. Sadly, the good intentions of the Mimikatz code have been taken advantage of, and it is now a popular tool for hackers.

How to avoid credential dumping






KJ Pace
KJ Pace
KJ Pace writes and coordinates content at TechnologyAdvice in Nashville, TN. When she’s not producing content, she enjoys reading, cooking, and playing with her dogs.

Related Articles

@ Sign

Pronounced at sign or simply as at, this symbol is used in e-mail addressing to separate the user' name from the user's domain name,...

Munging

(MUHN-jing) Munging (address munging), is the act of altering an email address posted on a Web page to make it unreadable to bots and...

How to Create an RSS Feed

In the second installment of RSS how-to, we look at some of the nonrequired (optional) channel and item tags, discuss RSS specifications in-depth and...

Dictionary Attack

(n.) (1) A method used to break security systems, specifically password-based security systems, in which the attacker systematically tests all possible passwords beginning with...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...