The Danger of Storing Authentication Credentials

Krebs On Security recently posted some details of the recover efforts of yet another company recovering from a devastating ransomeware attack.   @briankrebs points out that one of the under-appreciated vectors of these attacks is to deploy trojan software to steal passwords from all of the infected network endpoints. The result of this oversight may offer attackers [...]