Security News > 2024 > February > CrowdStrike 2024 Global Threat Report: 6 Key Takeaways
Supply chain attacks are often used, as those attacks allow a threat actor to hit multiple targets easily.
No matter the motivation for a cybersecurity attack, identity-based and social engineering attacks are still taking center stage.
A huge 583% increase in Kerberoasting attacks has been observed by CrowdStrike.
Gaining an initial foothold on a targeted network is generally only the first phase of an attack; once they're in, the attackers need to break out of the first compromised device and move laterally to other parts of the network to reach their goals.
CrowdStrike highlighted another trend observed in 2023: The attacker's focus on End of Life product exploitation.
Since attackers tend to use less malware and use valid credentials and legitimate tools, it is difficult for defenders to differentiate between normal user and attacker activity; an understanding of the relationships between identity, cloud, endpoint and data protection telemetry is mandatory for that task.
News URL
https://www.techrepublic.com/article/crowdstrike-2024-global-threat-report/