惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
P
Palo Alto Networks Blog
S
Securelist
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
NISL@THU
NISL@THU
L
Lohrmann on Cybersecurity
有赞技术团队
有赞技术团队
The GitHub Blog
The GitHub Blog
C
Cisco Blogs
B
Blog
Microsoft Azure Blog
Microsoft Azure Blog
Recent Announcements
Recent Announcements
Simon Willison's Weblog
Simon Willison's Weblog
T
Tenable Blog
Know Your Adversary
Know Your Adversary
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
月光博客
月光博客
Latest news
Latest news
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Threat Research - Cisco Blogs
Cisco Talos Blog
Cisco Talos Blog
I
InfoQ
D
Darknet – Hacking Tools, Hacker News & Cyber Security
W
WeLiveSecurity
Hacker News - Newest:
Hacker News - Newest: "LLM"
酷 壳 – CoolShell
酷 壳 – CoolShell
U
Unit 42
C
Cybersecurity and Infrastructure Security Agency CISA
博客园 - 聂微东
人人都是产品经理
人人都是产品经理
Google DeepMind News
Google DeepMind News
Apple Machine Learning Research
Apple Machine Learning Research
Attack and Defense Labs
Attack and Defense Labs
罗磊的独立博客
T
The Exploit Database - CXSecurity.com
I
Intezer
GbyAI
GbyAI
Jina AI
Jina AI
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Blog — PlanetScale
Blog — PlanetScale
博客园 - 司徒正美
Google Online Security Blog
Google Online Security Blog
Engineering at Meta
Engineering at Meta
D
Docker
Recent Commits to openclaw:main
Recent Commits to openclaw:main
小众软件
小众软件
云风的 BLOG
云风的 BLOG
爱范儿
爱范儿
Project Zero
Project Zero

Blog on 1Password Blog

Why secure-by-design is an incentives problem, with Bob Lord | 1Password NIST and AI agents: 1Password’s approach to agent identity | 1Password Go beyond device health with External Checks in 1Password Device Trust | 1Password Natoma and 1Password help enterprises scale AI securely with governed agent access | 1Password New integrations between 1Password SaaS Manager and EPM | 1Password A first step toward post-quantum security | 1Password RSA 2026: Leading the way to secure agentic AI | 1Password How 1Password is Building a Culture of AI Fluency Through AI Champions | 1Password 1Password vs. Keeper Security: A comparison | 1Password 1Password vs. LastPass: Which is right for you? | 1Password Secure MCP credentials with 1Password and Runlayer | 1Password The next layer of AI security | 1Password Building the next chapter of Go-to-Market in EMEA | 1Password Automating SOC workflows with 1Password Enterprise Password Manager | 1Password Automated Provisioning hosted by 1Password: A Simpler, Smarter Way to Manage Access | 1Password Introducing 1Password® Unified Access: Identity Security for Humans and Their AI Agents | 1Password Next-generation automated provisioning, without compromising zero-knowledge security | 1Password Bitwarden vs. 1Password: Which password manager is right for you? | 1Password Password Manager for Families, Enterprise & Business | 1Password | 1Password How to wrangle SaaS contract renewals | 1Password Stop trusting consumer browsers with work credentials | 1Password IAM stops at sign-in. Your credentials do not. | 1Password Your digital pit crew: a 10-minute pre-race security checklist | 1Password 1Password Device Trust is coming to EMEA | 1Password The identity transformation: Analyst and CIO insights | 1Password Why now is the moment to join 1Password Go-To-Market | 1Password Identity and Accountability in the Age of AI Agents | 1Password How 1Password secures agent architectures | 1Password 1Password becomes the first global partner to transact through Express Private Offers in AWS Marketplace | 1Password Start Learning on 1Password Academy | 1Password Expanding Programmatic Access to 1Password | 1Password Zero knowledge vs. a malicious server: A look at ETH Zurich’s research | 1Password Agents are making filesystems cool again | 1Password Black History Month employee spotlight: Joseph Ojelade | 1Password 1Password's new benchmark teaches AI agents how not to get scammed | 1Password Streamlining SaaS onboarding and offboarding | 1Password 3 common SaaS Management challenges and how to avoid them | 1Password How 1Password Is Evolving Its Partner Ecosystem | 1Password How to build secure agent swarms that power production-grade autonomous systems | 1Password From magic to malware: How OpenClaw's agent skills become an attack surface | 1Password Solving the unsanctioned SaaS problem | 1Password 1Password and 60 Day Hustle: cybersecurity for small businesses | 1Password Security advisory for AI-assisted browsing interactions with the 1Password browser extension | 1Password It’s incredible. It’s terrifying. It’s OpenClaw. | 1Password Managing the risks of social logins | 1Password What’s the first security tool your small business should buy? | 1Password As AI Supercharges Phishing Scams, 1Password Introduces Built-In Protection | 1Password How to interview with confidence at 1Password | 1Password Five tips for successful SaaS Management | 1Password SaaS Manager | 1Password Why SaaS License Waste Is a Cost and Security Problem | 1Password AI is changing the IDE. With 1Password, security keeps up | 1Password How IT teams can get a handle on shadow IT | 1Password Bringing secure, just-in-time secrets to Cursor with 1Password | 1Password The Chasing Entropy Podcast Season One is in the Books | 1Password Now available via QBS Software: 1Password Enterprise Password Manager – MSP Edition | 1Password The hidden offboarding step draining your budget | 1Password AWS and 1Password: Innovation in AI and beyond | 1Password Simplifying credential security on OpenAI Atlas | 1Password From Social Work to Social Impact: Growing at 1Password | 1Password Improving in-page notifications in the 1Password browser extension | 1Password Password Manager for Families, Enterprise & Business | 1Password | 1Password Now available via Renaissance: 1Password Enterprise Password Manager – MSP Edition | 1Password Behind the wheel at Oracle Red Bull Racing | 1Password Securing MCP servers with 1Password: Stop credential exposure in your agent configurations | 1Password What’s new in 1Password Enterprise Password Manager - Q4, 2025 | 1Password Belonging as a catalyst for high performance | 1Password Password habits are worsening, but leaders see a path to passwordless | 1Password A simpler, faster way to unlock 1Password | 1Password Oracle Red Bull Racing Episode 4, CIO Matt Cadieux | 1Password 70% of IT and security pros say SSO is falling short | 1Password 1Password's Phishing Survey: Avoid Holiday Phishing Scams | 1Password Securing the Win | 1Password SaaS optimization: How to maximize value and reduce costs | 1Password The enterprise AI crisis: Unsanctioned tools and unenforced policies | 1Password An Identity Security taxonomy for Agentic AI | 1Password Introducing new .env file support in 1Password environments | 1Password Speed and security: Mark Hazelton on protecting Oracle Red Bull Racing’s most valuable asset – its data | 1Password 1Password for Good: Giving back during cybersecurity awareness month | 1Password Utah Mammoth and Utah Jazz score with identity security | 1Password Oracle Red Bull Racing CEO and Team Principal | 1Password Three signs you need a SaaS Management Platform | 1Password Closing the credential risk gap for AI agents using a browser | 1Password Microsoft and Dropbox password managers are sunsetting: What it means and what to do next | 1Password From hackathon nerves to internship wins: Kavya’s journey at 1Password | 1Password 1Password now available in Comet, the AI-powered browser by Perplexity | 1Password 1Password announces new integration with Zscaler | 1Password Breaking the mold: Why more women should consider a career in sales | 1Password What security leaders need to know about mergers and acquisitions | 1Password Clickjacking: What it means for 1Password users | 1Password AI and security at Black Hat: 5 key takeaways from a security expert panel | 1Password Blog | 1Password Do any CISOs feel lucky? | 1Password How to lead with confidence in the AI era: a conversation with Nancy Wang, VP, Engineering | 1Password New Device Trust Check makes browser extension enforcement easier | 1Password Purpose, performance, and trust: Inside the culture powering 1Password’s next chapter | 1Password Now available on Pax8 Marketplace: 1Password Enterprise Password Manager - MSP Edition | 1Password The security principles guiding 1Password’s approach to AI | 1Password Choosing the right SaaS management platform for your business | 1Password Simplify access reviews with 1Password SaaS Manager | 1Password How great usability tripled Duke University's password manager adoption | 1Password
The role of credentials in the AI espionage campaign reported by Anthropic | 1Password
info@1password.com (Anand Srinivas) · 2025-12-09 · via Blog on 1Password Blog

Anthropic recently announced that the company has disrupted the first reported AI-orchestrated cyber espionage campaign. This attack used Claude Code to automate many steps, with AI handling up to 90% of the tasks, including web searches and the autonomous writing of exploit code. The attackers bypassed Claude’s guardrails by breaking each step into small tasks and role-playing as a red team member. By taking this approach, the attackers avoided having any individual Al task flagged for violating Claude guardrails. 

While this type of attack is new, the bad actors also relied on tried-and-true methods to maximize access. Once the AI agents obtained valid certificates, they relied on password extraction to move laterally within the target systems. Anthropic has broken down the espionage campaign into six distinct phases:

  • Campaign initialization and target selection: Human operators chose the relevant targets to be infiltrated.

  • Reconnaissance and attack surface mapping: AI cataloged target infrastructure and identified potential vulnerabilities. 

  • Vulnerability discovery and validation: Automated testing of identified attack surfaces to determine exploitability.

  • Credential harvesting and lateral movement: Systematic credential collection across target networks.

  • Data collection and intelligence extraction: AI queried databases and systems, extracted data, and categorized it based on perceived intelligence value.

  • Documentation and handoff: Claude generated documentation that included harvest credentials, extracted data, and a complete attack progression, which was handed off to operators. 

For our analysis, we’ll be focusing primarily on Phase 4: Credential harvesting and lateral movement. 

The role of credentials in the attack

Credentials played a key role in enabling bad actors to gain a foothold and expand their presence. As is typical with lateral movement attacks, once an attacker gains initial access, they seek additional ways to expand their reach. In this case, identifying useful credentials to further exploit each target was an intentional step that enabled the AI agent to escalate its operations from a foothold into a full-scale breach. 

Identifying and using credentials was critical to enabling this attack. Per Anthropic:

  • Systematic Collection: Claude executed “systematic credential collection across targeted networks.”

  • Extraction Methods: This involved “querying internal services and extracting authentication certificates from configurations.”

  • Lateral Movement: The harvested credentials were used to enable lateral movement. Claude tested authentication against “internal systems, including internal APIs, database systems, container registries, and logging infrastructure.”

  • Mapping Privileges: Crucially, the AI independently determined which credentials provided access to specific services. This enabled it to map privilege levels and access boundaries without human direction.

  • Getting to data collection and intelligence extraction: The successful extraction of credentials directly enabled the next phase (Phase 5: Data collection).

The ease with which the AI could query internal services, extract certificates, and leverage those credentials for widespread lateral movement highlights critical vulnerabilities in existing credential management systems, allowing the AI to act as an execution engine within a larger automated system.

How to minimize the damage by protecting credentials

The AI agent's ability to identify and collect credentials and secrets is highly problematic. Given that this is an example of how AI agents can perform the work of an entire team of hackers with minimal human supervision, there is an increased urgency for implementing proper safeguards around secrets, passwords, and certificates. This also highlights the criticality of ensuring that these security policies are implemented wall-to-wall, meaning every employee and system must be accounted for.

By taking this approach, even if the AI agent gains an initial foothold, the damage can be minimized, or the attack chain stopped, because the AI agents cannot move laterally within the target systems. Indeed, modern cybersecurity methodologies have principles that require these types of precautions to be taken:

  • Principle of least privilege: every entity within an organization should only have the minimum privileges required to complete its tasks.

  • Just-in-time access: access should only be provisioned when needed; standing or long-lived credentials should be minimized 

  • Use ephemeral credentials: where possible, provision credentials when needed and immediately deprovision credentials once used

We should note that the above are also critical elements of implementing a Zero Trust strategy, where all access must be verified before it is trusted.

How 1Password Helps

Solutions like 1Password can play an essential role in disrupting these types of attacks in the future. By securing credentials and secrets, the ability of AI agents to move laterally is minimized. This requires changing internal user behavior by requiring secure vaulting of credentials, as well as the development of policies that anticipate these types of attacks in the future. 

1Password’s offerings provide critical functionality that can help to minimize the damage caused by this type of attack:

  • Secure vaulting of credentials and secrets

  • Simplified creation and management of strong, unique passwords for every employee and AI agent

  • Separation of credentials from key internal systems

  • End-to-end encryption of credentials

  • Zero-knowledge architecture that uses dual-key encryption to ensure only you know your passwords 

  • Auditable, human-in-the-loop processes for sensitive credential access

The reality is that AI-driven cyberattacks will only increase going forward. So even if it isn’t possible to stop them entirely, damage can be mitigated by ensuring the proper behaviors are embraced by employees, and that starts by locking the front door and securing credentials. 

To learn more about 1Password, contact us today.