The Credential Heist Economy: Insights from 1 Million Malware Analyses
21 Oct 2025
Level 3, Room GW4 | Sands Expo and Convention Centre
Cyber Threat Landscape & Intelligence
Picus Security’s Red Report 2025 reveals exclusive telemetry: 14 million malicious actions from over 1 million malware samples show a 278 % YoY jump in infostealers. The outcome is 2 billion stolen credentials in dark-web markets, making password stores today’s weakest link.
In this session, Picus co-founder and chief scientist Dr. Suleyman Ozarslan will break down how these advanced threats infiltrate password vaults, evade detection, and turn stolen credentials into enterprise-wide compromise, and, crucially, how to stop them. He will also explain why credentials are now the "crown jewels" for attackers and how security leaders can bolster defenses accordingly.
Take-aways:
- The modern infostealer kill-chain with MITRE ATT&CK mapping
- Five KPIs every CISO needs to expose hidden credential debt
- A control blueprint: segmentation, zero-trust secrets, and continuous validation that trimmed credential attack surface by 62%.
In this session, Picus co-founder and chief scientist Dr. Suleyman Ozarslan will break down how these advanced threats infiltrate password vaults, evade detection, and turn stolen credentials into enterprise-wide compromise, and, crucially, how to stop them. He will also explain why credentials are now the "crown jewels" for attackers and how security leaders can bolster defenses accordingly.
Take-aways:
- The modern infostealer kill-chain with MITRE ATT&CK mapping
- Five KPIs every CISO needs to expose hidden credential debt
- A control blueprint: segmentation, zero-trust secrets, and continuous validation that trimmed credential attack surface by 62%.
