{"id":46745,"date":"2022-05-20T14:00:00","date_gmt":"2022-05-20T14:00:00","guid":{"rendered":"https:\/\/www.darkreading.com\/endpoint\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap"},"modified":"2022-05-20T14:00:00","modified_gmt":"2022-05-20T14:00:00","slug":"authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/","title":{"rendered":"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltf4522c9b7a5042ac\/6284eee1842aa97d937eef42\/Identity_Carloscastilla_Alamy.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Identity is the new currency, and digital adversaries are chasing wealth. According to Verizon&#8217;s&nbsp;&#8220;<a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\" target=\"_blank\" rel=\"noopener\">Data Breach Investigations Report<\/a>,&#8221; 61% of data breaches can be traced back to compromised credentials. Why? Breaking into systems with legitimate user credentials often enables attackers to move undetected across a network for intelligence gathering, data theft, extortion, and more. <\/p>\n<p>Access control is foundational to defending systems, but like any tool, it has its limits. Motivated attackers try to find ways around the edges of access control systems to gain access to accounts. Many companies have invested in anti-fraud technologies to detect and mitigate these types of attacks against high-value targets, such as login and payment flows.<\/p>\n<p>However, fraudsters&#8217; tactics can work equally as well in areas beyond login and payment flows. Therefore, we see persistent attackers who now target &#8220;identity construction&#8221; systems like provisioning, device enrollment, password reset, and other account management systems.<\/p>\n<p>Because these identity provider systems establish the basis for all access control, they are now attracting dedicated attention from cybercriminals. For example, LockBit, Avaddon, DarkSide, Conti, and BlackByte ransomware groups are all utilizing<a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/the-troubling-rise-of-internet-access-brokers\" target=\"_blank\" rel=\"noopener\">initial access brokers<br \/>\n(IABs)<\/a> to purchase access to vulnerable organizations on Dark Web forums. IABs have grown in popularity within the last couple of years and are significantly lowering the barriers to entering the world of cybercrime.<\/p>\n<p><strong>An Uptick in Identity-Related Attacks<br \/><\/strong>Recent attacks and extortion attempts on major third-party software like Okta and Microsoft are clear examples of the damage that can be done when compromised credentials are used to carry out account takeover (ATO) attacks. The Lapsus$ ransomware group conducted all of their ATO activity using stolen credentials that were obtained using&nbsp;<a href=\"https:\/\/www.wired.com\/story\/lapsus-hacking-group-extortion-nvidia-samsung\/\" target=\"_blank\" rel=\"noopener\">unconventional and sophisticated means<\/a>. <a href=\"https:\/\/krebsonsecurity.com\/2022\/04\/leaked-chats-show-lapsus-stole-t-mobile-source-code\/\" target=\"_blank\" rel=\"noopener\">Recent news suggests<\/a> that the group continues buying compromised account credentials until it finds one with source code access. <\/p>\n<p>While all online accounts are vulnerable to ATO fraud, bad actors tend to target accounts they consider highly valuable, like bank accounts and retail accounts with stored payment information. Bad actors typically will use automated tools such as botnets and machine learning (ML) to engage in massive and ongoing attacks against consumer-facing websites. With automated tools, they commit ATO fraud using techniques such as&nbsp;credential stuffing and brute-force attacks, as shown by <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/what-we-can-learn-from-lapsus-techniques\" target=\"_blank\" rel=\"noopener\">Lapsus$<\/a>.<\/p>\n<p>However, fraudsters don\u2019t always use automated tools for ATO fraud. They can gain access through phishing, call-center scams, man-in-the-middle (MITM) attacks, and Dark Web marketplaces. Some have even been known to employ human labor (&#8220;click farms&#8221;) to manually enter login credentials so that the attacks go undetected by tools that look for automated login attempts. Nevertheless, ATO is now the weapon of choice for many fraudsters, perhaps accelerated by the pandemic, with attempted&nbsp;<a href=\"https:\/\/resources.sift.com\/ebook\/digital-trust-safety-index-account-takeover-fraud-burden-business\/\" target=\"_blank\" rel=\"noopener\">ATO fraud rising 282%<\/a> between 2019 and 2020.<\/p>\n<p>Identity-based fraud can be extremely difficult to detect considering the advanced tactics and randomness of different crime groups. Most of the breaches we hear about in the news are a result of businesses relying on automated access control tools rather than tracking user accounts to detect unusual behavior quickly.<\/p>\n<p><strong>Access Control Layers Are Not Enough<br \/><\/strong>Historically, access control implements authentication and authorization services to verify identity. Authentication focuses on who a user is. Authorization focuses on what they should be allowed to do. <\/p>\n<p>These types of access control layers are a good first defense against identity-based fraud, but as made evident in recent attacks like Okta and Microsoft, fraudsters can bypass these tools fairly easily. There must be a second line of defense in the form of a detection system that learns and adapts. Therefore, companies should consider going beyond who a user is and what they are allowed to do, and ensure your identity system monitors and learns from what the user <em>is actually doing.<\/em><\/p>\n<p><strong>The Need for a More Dynamic System<br \/><\/strong>Many of the techniques that cybercriminals use lie at the intersection of security and usability. Simply looking at either security or usability misses the point. If we look only at how the security protocol <em>should<\/em> work, we miss the point of how users will realistically use it. And if we only think about how to make it easy to use, we miss how to keep the bad people out. The protection layer from access control establishes the &#8220;allowed\/not allowed&#8221; decision, but it should be backstopped by another layer of detection that observes and learns based on how the system is used and attempts at misuse. This second layer&#8217;s job includes identifying the tactics used to takeover accounts through brute force, redirection, tampering, and other means. <\/p>\n<p>As mentioned above, authentication is a static set of something you know, something you are, and something you have. But in a war against attackers that are dynamic, a static &#8220;shield&#8221; doesn\u2019t do much for the sake of defense. To address this gap, a robust learning system is required to identify and block dynamically changing attacker tactics. <\/p>\n<p>Companies are investing in identity graph technologies for many authentication and high-value flows. Identity graphs are a real-time prevention technique that collects data on more than a billion identities, including personas and behavior patterns, so that security teams can quickly identify unusual behavior from user accounts. [Note: The author&#8217;s company is one of a number using identity graph technology.] With this type of real-time, data-driven approach, teams can identify behavior and activities generated from automated tools like bots and ML algorithms and can detect unusual behavior before it causes any damage, such as theft or fraudulent purchases.<\/p>\n<p>To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics. Identity graph technologies can help organizations recognize attacker tactics across the whole identity life cycle, including provisioning and account maintenance. These techniques can ebb and flow with the sophisticated threat landscape we&#8217;re witnessing today.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/endpoint\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics.Read More <a href=\"https:\/\/www.darkreading.com\/endpoint\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-46745","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-20T14:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltf4522c9b7a5042ac\/6284eee1842aa97d937eef42\/Identity_Carloscastilla_Alamy.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap\",\"datePublished\":\"2022-05-20T14:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/\"},\"wordCount\":984,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltf4522c9b7a5042ac\\\/6284eee1842aa97d937eef42\\\/Identity_Carloscastilla_Alamy.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/\",\"name\":\"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltf4522c9b7a5042ac\\\/6284eee1842aa97d937eef42\\\/Identity_Carloscastilla_Alamy.jpg\",\"datePublished\":\"2022-05-20T14:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltf4522c9b7a5042ac\\\/6284eee1842aa97d937eef42\\\/Identity_Carloscastilla_Alamy.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltf4522c9b7a5042ac\\\/6284eee1842aa97d937eef42\\\/Identity_Carloscastilla_Alamy.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/","og_locale":"en_US","og_type":"article","og_title":"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-05-20T14:00:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltf4522c9b7a5042ac\/6284eee1842aa97d937eef42\/Identity_Carloscastilla_Alamy.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap","datePublished":"2022-05-20T14:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/"},"wordCount":984,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltf4522c9b7a5042ac\/6284eee1842aa97d937eef42\/Identity_Carloscastilla_Alamy.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/","url":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/","name":"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltf4522c9b7a5042ac\/6284eee1842aa97d937eef42\/Identity_Carloscastilla_Alamy.jpg","datePublished":"2022-05-20T14:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltf4522c9b7a5042ac\/6284eee1842aa97d937eef42\/Identity_Carloscastilla_Alamy.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltf4522c9b7a5042ac\/6284eee1842aa97d937eef42\/Identity_Carloscastilla_Alamy.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/authentication-is-static-yet-attackers-are-dynamic-filling-the-critical-gap\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46745","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46745"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46745\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46745"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46745"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46745"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}