Threat Hunting Report 2023: Identity-based attacks are on the rise

August 30, 2023
| No comments
B2B Cyber ​​Security ShortNews

Share post

The new Threat Hunting Report considers attack trends and tactics between July 2022 and June 2023.

The key findings of the report include:

The average breakout time – the time it takes for attackers to move laterally from one compromised host to the next within their victim’s environment – ​​hits a new low of 79 minutes (up from 84 minutes in 2022). The shortest breakout time of the year was a record time of just 7 minutes.

Misuse of Credentials

Attackers are increasingly relying on identity-based attacks: 62 percent of interactive attack attempts were based on the misuse of valid access data. At the same time, attempts to obtain secret keys and other credentials from cloud instances via metadata APIs increased by 160 percent.

Also of concern is the increase in the number of kerberoasting attacks, which rose by 583 percent. This is a technique that attackers can use to obtain valid Active Directory account credentials, which often give them elevated privileges and allow them to remain undetected in their victims' environments for extended periods of time.

Technology companies most affected

The number of interactive attack attempts increased by 40 percent year-on-year, with technology being the most targeted sector for the sixth straight year, followed by financial, retail and healthcare, and telecom.

The number of access broker listings served on the Dark Web is up 147 percent, a significant 35 percent increase compared to 6 months ago.

Go straight to the report at CrowdStrike.com

 

About CrowdStrike

CrowdStrike Inc., a global leader in cybersecurity, is redefining security in the cloud age with its completely redesigned platform for protecting workloads and devices. The lean single-agent architecture of the CrowdStrike Falcon® platform uses cloud-scaled artificial intelligence and ensures protection and transparency across the company. This prevents attacks on end devices both inside and outside the network. With the help of the company's own CrowdStrike Threat Graph®, CrowdStrike Falcon correlates around 1 trillion endpoint-related events worldwide every day and in real time. This makes the CrowdStrike Falcon platform one of the world's most advanced data platforms for cybersecurity.

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more

 

Short news
, , , ,