Attackers altering techniques
“Risk actors have discovered that making an attempt to deliver malware [in an initial compromise] is like going to the airport with a bottle of water in your pack — you’re most likely going to get caught,” Meyers stated in an interview, noting that defensive expertise like endpoint detection and response [EDR] is sweet at catching malware. So, he stated, “what’s more and more taking place is risk actors are attempting to maneuver away from being detected [through EDR] and doing it with id. This can be a pattern we’ve seen over the previous two years or so and is admittedly on the uptick, and is constant to evolve.”
However, he warned, “multi-factor authentication [MFA] just isn’t a silver bullet, and you have to have id risk detection and response functionality in your [IT] atmosphere or unhappy issues are going to occur.”
“It’s the previous [hockey] adage,” he added. “’Skate to the place the puck goes, to not the place it’s at proper now.’”
