"The report shows threat actors now exploit software vulnerabilities more often than weak credentials for initial access, with the time from vulnerability disclosure to active attacks shrinking from weeks to days. Data theft remains the primary goal in most incidents, often achieved through identity compromise, vishing, or token theft, while living-off-the-land techniques and AI-assisted methods help attackers remain hidden and move quickly."
"Polish cybercrime investigators have identified seven minors, aged 12 to 16 at the time of the offenses, who distributed online software designed for launching DDoS attacks. The group targeted various popular websites, including auction platforms, sales sites, IT-related domains, hosting providers, and accommodation booking services. They operated as a coordinated team for profit and were fully aware of the illegal nature of their activities."
Google's Cloud Threat Horizons Report reveals significant shifts in cloud attack patterns. Vulnerability exploitation has surpassed weak credentials as the primary initial access method, with the time from disclosure to active exploitation compressed from weeks to days. Data theft remains attackers' primary objective, achieved through identity compromise, vishing, and token theft. Attackers employ living-off-the-land techniques and AI-assisted methods to evade detection and accelerate lateral movement. Additionally, Polish authorities identified seven minors aged 12-16 distributing DDoS attack tools targeting e-commerce and hosting platforms. US prosecutors charged a third BlackCat ransomware negotiator, continuing enforcement actions against the criminal organization.
#cloud-security-threats #vulnerability-exploitation #ddos-attacks #ransomware-enforcement #cybercrime-investigation
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]