Obsolete password hashes on Linux represent a threat for user credentials and lateral movement. An old or weak password hash generally means:

• The user's password is easily brute forced if stolen using modern CPU and GPU hardware.

• The system is old and may have other problems lurking beneath as it's not being maintained.

• The user's account may have been moved onto a modern system, but the password has not been changed or updated in years to use the newer more secure algorithms.

In this video we discuss this threat and how Sandfly can agentlessly and rapidly identify user accounts vulnerable to this attack.

Sandfly is able to find this and many other types of Linux attacks without deploying any endpoint agents. Get your free license today or contact us for more information.

Transcript available on the YouTube video above.