What is credential poisoning?

Credential poisoning refers to the practice of utilizing exposed credentials obtained from data breaches to gain unauthorized access to accounts or systems. Essentially, this involves taking advantage of leaked usernames and passwords that have been made public, often found on the dark web or shared through various online forums.

This method is notably dangerous because many individuals reuse passwords across different sites. Consequently, if malware or an attacker acquires a password from one breach, they can potentially use it to access accounts on other platforms where the same credentials are employed. Credential poisoning exploits this vulnerability to bypass security measures, making it a significant concern in the realm of cybersecurity.

The other options are not accurate representations of credential poisoning. Manipulating user privileges involves altering access permissions without the necessary authority, which is distinctly different from using exposed credentials. Enhanced credential security speaks to measures taken to protect credentials rather than exploiting them. Verifying user identity focuses on confirming that a user is who they claim to be, which is again unrelated to the act of using stolen credentials. Thus, the correct answer precisely captures the essence of credential poisoning.