One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8437188 |
| Date de publication | 2024-01-09 11:57:12 (vue: 2024-01-09 16:08:27) |
| Titre | L'augmentation préoccupante des attaques centrées sur l'identité: tendances et faits The Concerning Rise in Identity-Centric Attacks: Trends and Facts |
| Texte | Identity threats are by no means a new type of crime. But in today\'s increasingly digitized world, there are more opportunities for bad actors to steal identities and engage in identity-centric attacks than ever before. Unfortunately, user identities are tough for businesses to protect. The fact that these types of attacks are skyrocketing is evidence of that-in the past year alone the Identity Defined Security Alliance reports that a whopping 84% of companies experienced an identity-related security breach. In this post, we\'ll take a look at identity attack statistics and trends and provide some recent case studies to illustrate how some attacks work. We\'ll also highlight one of the most important identity threat facts-that the human element plays a crucial role in the success of these attacks. Understanding identity-centric attacks There are many types of identity attacks. When most people think of these types of crimes, they often imagine traditional identity theft scenarios: Financial identity theft, where a criminal gains access to a victim\'s financial data, like their credit card details, bank account numbers or Social Security number, to make unauthorized purchases, withdraw funds or open new accounts. Tax identity theft, where a bad actor uses a victim\'s personal information to file false tax returns and claim refunds, diverting the money to their own accounts. Employment identity theft, where a fraudster uses a victim\'s identity to get a job, potentially causing issues for that person when discrepancies arise in their employment and tax records. But identity-based attacks also target enterprises and their online users. The cybercriminals behind these attacks might aim to steal sensitive data, siphon off funds, damage or disrupt systems, deploy ransomware or worse. Those are the types of identity attacks we\'re covering here. Identity threat trends and tactics In short, identity-centric attacks are a practical calculation by bad actors: Why would they invest their time and resources to build exploits to help them get in through a virtual back door when they can just walk through the front door? But before they reap the rewards, they still have some legwork to do. Here are a few techniques that cybercriminals use to progress identity-based attacks against businesses and their users: MFA bypass attacks. Many businesses today use multifactor authentication (MFA) to protect the account of their users. It\'s more secure than using passwords alone. But of course, bad actors have found new ways to bypass commonly used MFA methods. MFA fatigue attacks are one example. People-activated malware. People often give life to malware when they fall for a phishing scam or other social engineering tactics. Malware can appear in the form of a .zip file, QR code, .html link, MS Office file and more-there are at least 60 known techniques to plant people-activated malware on corporate networks. Active Directory (AD) attacks. Most enterprises today use AD as a primary method for directory services like user authentication and authorization. Cybercriminals are keen to target AD, which touches almost every place, person and device on a network. This approach works very well, too-more than half of identity-related breaches can be traced back to AD. Cached credentials harvesting. Cached credentials are commonly stored on endpoints, in memory, in the registry, in a browser or on disk. Attackers use various tools and techniques to collect these credentials and gain access to more privileged identities. Once they have harvested these credentials, they can use them to move laterally and log into different applications. Adversaries are likely to find a good “crop” when they are harvesting cached credentials. Recent research from Proofpoint found that more than one in 10 endpoints have exposed privileged account passwords, making it one of the most common identity risks. Keep in mind that cybercriminals are always innovating, and they are quick to build or adopt tools that |
| Envoyé | Oui |
| Condensat | $26 2022 2023 365 able about accepted access account accounts accounts achieved across action activated active actor actors actors: address adopt adversaries affiliated after against aim all alliance almost alone also always any appear applications approach are arise around artificial attack attacker attackers attacks attacks: attacks attempts audio audit authentication authorization automate awareness aws back bad bank based basta become before behind better black book breach breaches break browser build business businesses but bypass cached calculation can capita capita card carefully case cause causing centric chain challenges claim code collect common commonly companies company compelled components: compromise compromised concerning consider continuously contractor convinced corporate could course coverage covering create credentials credit crime crimes criminal critical crown crucial customer cybercriminals damage data defense defined deploy details detecting detection device different digitized directory disable disclose discover discrepancies disk disrupt diverting divulge doesn doing domain door download due duo education effective efficient element email emotions employment enable endpoint endpoints engage engineering enterprises environment escalate escalation essential even eventually ever every evidence example examples expected experienced exploits exposed extended extract fact factor facts fake fall fallout false fatigue fear file financial find form found fraudster fraudulent from front funds gain gains gang gaps generate get giant give good group guard had half harder harvest harvested harvesting have havoc heart help help here highlight highly how html human identify identities identity illustrate imagine impede impersonation important included includes increasingly information innovating inside intelligence inventory invest issues jewels job just keen keep known lapsus$ lateral laterally latest learn least legwork let life like likely link log login look loss made make makes making malware management many means meant memory method methods mfa microsoft middle might million mimikatz mind misconfigurations mitigate money more most move movement multifactor multiple multipronged network networks new news: normally notifications now number numbers off office often once one onelogin online open opportunities other others outsourcing overview own pam part passwords past pay people performing period person personal phishing place plant platform plays plus post potentially practical prevent primary privilege privileged privileges proactive process program progress proofpoint protect provide purchases quick ransomware reaches real realistic reap received recent recordings records reduce refunds registry reinforce related remediating remove reports research resources respond responding response: returns rewards rise risk risks role scam scenarios: secure security send sensitive september service services services several shadow short should siphon sites skyrocketing social solutions some source spotlight spring staggering statistics steal steps: stolen stop stored studies studies success suite supplier system systems tactics tactics take taking talk target targeted tax teach technique techniques technology testing than theft them then these think those threat threats through time to: today too tool tools touches tough traced traditional training trends trick tried tries two type types uber uber unauthorized understand understanding undetected unfortunately urgency use used user users users: uses using usually various very victim videos virtual vital vulnerable walk wanted ways well what when where which who whopping why withdraw work works world worse would wouldn year your zip “crop” |
| Tags | Ransomware Malware Tool Threat Studies |
| Stories | Uber |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.