October 17, 2022
Chris Clements, VP of Solutions Architecture at Cerberus Sentinel, comments on cybersecurity awareness month Spiceworks.
“The current threat landscape is incredibly diverse with nation state actors, organized cybercrime gangs, and a resurgence of bored teenagers hacking for the lulz. One commonality, however, is the access each has to buy both initial access into their victim networks as well as powerful offensive tools.”
“The LAPSUS$ group showed just how much damage a relatively unsophisticated attacker can achieve just by buying stolen credentials and spamming MFA prompts with little regard for their own consequences. Even well-funded nation-state level actors regularly employ the use of readily available commercial and open-source tooling as part of their operations, after all, why reinvent the wheel when an existing tool works, plus there’s the additional benefit of throwing off attribution by utilizing the same tools and techniques of run of the mill cybercrime gangs.”Click Here To Read The Full Story