Mass exploitation of the ProxyLogon and ProxyShell vulnerabilities in Microsoft Exchange Server by so-called initial access brokers (IABs) seems to have driven a substantial increase in median dwell times, which rose by 36% in 2021 from 11 days to 15, according to the latest edition of Sophos's Active Adversary Playbook.
[
add
]
[
|
|
...
]