HomeCyber BalkansHackers leveraging stolen credentials to conduct attacks as information theft surges

Hackers leveraging stolen credentials to conduct attacks as information theft surges

Published on

spot_img

A recent report has shed light on the concerning trend of lack of basic security measures that has left organizations vulnerable to attacks. According to the report, security misconfigurations accounted for 30% of all application vulnerabilities, with issues such as allowing concurrent user sessions posing a significant threat to multi-factor authentication.

In addition, identification and authentication failures were identified as the second leading risk, with weak password policies and other oversights contributing to the overall lack of security diligence. The report also highlighted that a staggering 84% of critical infrastructure incidents could have been mitigated with basic security routines, indicating the widespread impact of security negligence.

Furthermore, the report revealed a decline in ransomware attacks, with a decrease of 11.5% observed in 2023. This decline was attributed to larger organizations being better equipped to prevent ransomware attacks and their willingness to rebuild systems instead of paying the ransom. The report also noted that cybercriminals may be shifting their focus away from ransomware attacks due to the diminishing returns and the increasing difficulty in successfully deploying ransomware.

Commenting on the findings, Michael Sampson, principal analyst at Osterman Research, emphasized the persistent threat of phishing campaigns and the evolving tactics of cybercriminals. He suggested that as cybercriminals gain access to valid account credentials through other means, the need to run phishing campaigns may decline. However, he cautioned that future phishing campaigns could become more targeted as cybercriminals seek to compromise accounts that are not easily accessible through other methods.

The report serves as a stark reminder of the critical importance of basic security measures in protecting organizations from cyber attacks. It underscores the need for organizations to prioritize fundamental security practices such as asset and patch management, credential hardening, and the principle of least privilege.

As the threat landscape continues to evolve, organizations must adapt and enhance their security measures to effectively combat emerging threats. The decline in ransomware attacks is a positive development, but it should not overshadow the persistent and evolving nature of cybersecurity threats. Organizations must remain vigilant and proactive in implementing robust security measures to safeguard against potential vulnerabilities and attacks.

Source link

Latest articles

Two Young Hackers Sentenced for Disrupting London Underground

Police Declare Success After Arrests "Effectively Halted" Scattered Spider Cybercrime Collective In a significant development...

Inside Microsoft’s Record-Breaking Release of 622 Bugs

Microsoft's Record-Breaking Security Update Addresses Urgent Vulnerabilities On July 14, 2026, Microsoft announced an unprecedented...

Phishing Campaign Disguises Lua Loader as TrueType Font File

Disguised Threats: The Rise of a Large-Scale Phishing Operation In recent reports, a significant phishing...

Google Raises Security Concerns Over EU Order to Unleash Android

Artificial Intelligence & Machine Learning, Geo-Specific, ...

More like this

Two Young Hackers Sentenced for Disrupting London Underground

Police Declare Success After Arrests "Effectively Halted" Scattered Spider Cybercrime Collective In a significant development...

Inside Microsoft’s Record-Breaking Release of 622 Bugs

Microsoft's Record-Breaking Security Update Addresses Urgent Vulnerabilities On July 14, 2026, Microsoft announced an unprecedented...

Phishing Campaign Disguises Lua Loader as TrueType Font File

Disguised Threats: The Rise of a Large-Scale Phishing Operation In recent reports, a significant phishing...