One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8445999 |
| Date de publication | 2024-02-02 05:00:40 (vue: 2024-02-02 15:07:48) |
| Titre | Brisez la chaîne d'attaque: le gambit d'ouverture Break the Attack Chain: The Opening Gambit |
| Texte | The threat landscape has always evolved. But the pace of change over the last decade is unlike anything most security professionals have experienced before. Today\'s threats focus much less on our infrastructure and much more on our people. But that\'s not all. Where once a cyberattack may have been a stand-alone event, these events are now almost always multistage. In fact, most modern threats follow the same playbook: initial compromise, lateral movement and impact. While this approach has the potential to cause more damage, it also gives security teams more opportunities to spot and halt cyberattacks. By placing protections in key spots along the attack chain, we can thwart and frustrate would-be cybercriminals before their ultimate payoff. This starts with understanding the opening gambit: How do threat actors attempt to gain access to your king-in this case, your networks and data? And what can be done to keep them at bay? Understanding the playbook The chess parallels continue when we look at recent evolutions in the threat landscape, with our defensive tactics provoking an adapted method of attack. We see this in full effect when it comes to multifactor authentication (MFA). In recent years, security professionals have flocked to MFA to protect accounts and safeguard credentials. In response, threat actors have developed MFA bypass and spoofing methods to get around and weaponize these protections. So much so that MFA bypass can now be considered the norm when it comes to corporate credential phishing attacks. Increasingly, cybercriminals purchase off-the-shelf kits which enable them to use adversary-in-the-middle (AiTM) tactics to digitally eavesdrop and steal credentials. We have also seen an increase in other human-activated methods, such as telephone-oriented attack delivery (TOAD). This method combines voice and email phishing techniques to trick victims into disclosing sensitive information such as login credentials or financial data. Whatever the method, the desired outcome at this stage is the same. Cybercriminals seek to get inside your defenses so they can execute the next stage of their attack. That is what makes the opening gambit such a critical time in the lifecycle of a cyber threat. Modern threat actors are experts at remaining undetected once they are inside our networks. They know how to hide in plain sight, move laterally and escalate privileges. So, if this stage of the attack is a success, organizations have a huge problem. The good news is that the more we understand the tactics that today\'s cybercriminals use, the more we can adapt our defenses to stop them in their tracks before they can inflict significant damage. Countering the gambit The best opportunity to stop cybercriminals is before and during the initial compromise. By mastering a counter to the opening gambit, we can keep malicious actors where they belong-outside our perimeter. It will surprise no one that most threats start in the inbox. So, the more we can do to stop malicious messaging before it reaches our people, the better. There is no silver bullet in this respect. artificial intelligence (AI)-powered email security is as close as it gets. Proofpoint Email Protection is the only AI and machine learning-powered threat protection that disarms today\'s advanced attacks. Proofpoint Email Protection uses trillions of data points to detect and block business email compromise (BEC), phishing, ransomware, supply chain threats and plenty more. It also correlates threat intelligence across email, cloud and network data to help you stay ahead of new and evolving threats that target your people. However, the difficult reality is that nothing is entirely impenetrable. Today\'s security teams must assume some threats will reach the inbox. And your people need to be prepared when they do. Equipping this vital line of defense requires total visibility into who is being attacked in your organization-and when, where and how. Once you have identified the people who ar |
| Envoyé | Oui |
| Condensat | about access accounts across activated actors adapt adapted advanced adversary ahead aitm all almost alone along also always anything approach are around artificial assess assume attack attacked attacks attempt authentication awareness back bay bec been before behavior being belong best better block blog break breaking bullet business but bypass can case cat cause centric chain chain: change check checkmate checks chess close cloud combines comes compromise considered continue corporate correlates could counter countering credential credentials critical crucial cyber cyberattack cyberattacks cybercriminals cybersecurity damage data decade defend defense defenses defensive delivery desired detect developed difficult digitally disarms disclosing done during eavesdrop effect email enable endgame enjoyed entirely equipping escalate escalation event events every evolutions evolved evolving execute experienced experts fact fail financial find flocked focus follow from frustrate full gain gambit gambit: gambit game get gets gives good halt has have help hide higher how however huge human identified impact impenetrable inbox inboxes increase increasingly inflict information infrastructure initial inside intelligence keep key king kits know landscape last lateral laterally learn learning less lifecycle like line login look machine makes malicious mastering may messaging method methods mfa middle modern more most mouse move movement much multifactor multiple multistage must need needed network networks new news next norm not nothing now off once one only opening opportunities opportunity organization organizations oriented other out outcome outside over pace parallels part payoff people people™ perimeter phase phishing placing plain playbook: playbook plenty points position potential powered prepared privilege privileges problem professionals proofpoint protect protecting protection protections provoking purchase ransomware reach reaches reading reality recent remaining remember requires respect response right risk safeguard same second security see seek seen sensitive shelf sight significant silver simulations some spoofing spot spots stage stand start starts stay steal stop strong struggle success such supply surprise tactics tailor take target targeted teams techniques telephone that them these those threat threats thwart time toad today total tracks training trick trillions ultimate understand understanding undetected unlike use users uses using vaps very victims visibility vital voice vulnerable watch weaponize webinar: week what whatever when where which who why will would years your “break |
| Tags | Ransomware Threat Cloud |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.