The Defender's Advantage Podcast
Threat Trends: Tales from the 2023 Trenches
Dec 12, 2023
Doug Bienstock and Josh Madelay, Regional Leads for Mandiant Consulting, discuss threat trends in 2023 including business email compromise, common initial infection vectors, social engineering tactics, theft of credentials from outsourcing vendors, Fin 11's activities, enhancing security measures, rise of adversary-in-the-middle techniques, and data theft by ransomware threat actors.
37:47
Episode guests
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Threat actors are using sophisticated phishing pages to bypass multi-factor authentication and gain administrative access to victim networks, leading to an increase in ransomware attacks and extortion attempts.
- Edge devices, like firewalls and VPN solutions, are attractive targets for threat actors due to vulnerabilities and delayed patching, allowing them to gain privileged credentials, implant backdoors, or steal data.
Deep dives
Increase in Business Email Compromise
There has been an increase in business email compromise, with threat actors leveraging sophisticated phishing pages to proxy users through the back-end authentication system. This allows them to obtain session tokens and bypass multi-factor authentication. Stolen credentials from business process outsourcing and IT vendors are specifically targeted to gain administrative access to downstream victim networks. This has led to an increase in ransomware attacks and extortion attempts.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
