Last year, criminals utilized stolen credentials more frequently than email phishing to access victims' IT systems, marking a shift in attack methods identified by Mandiant's annual report. This resurgence points to a growing cybercrime market focused on credential theft. Furthermore, financially motivated attacks increased slightly, with only a minority driven by espionage. Mandiant's analysis identified a rise in newly tracked threat clusters and underscored evolving tactics used in ransomware and cloud compromise attacks. Overall, exploits remain the primary method for initial access over the past five years.
Credential stealers have been and are a major issue, but we have seen a resurgence recently. Email tends to be noisier and easier to detect with phishing detection.
In 2024, Mandiant began tracking 737 new threat clusters, bringing the total number of groups on its radar to more than 4,500.
Collection
[
|
...
]