The Defender's Advantage Podcast

Threat Trends: Tales from the 2023 Trenches

Dec 12, 2023

37:47

Snipd AI

Doug Bienstock and Josh Madelay, Regional Leads for Mandiant Consulting, discuss threat trends in 2023 including business email compromise, common initial infection vectors, social engineering tactics, theft of credentials from outsourcing vendors, Fin 11's activities, enhancing security measures, rise of adversary-in-the-middle techniques, and data theft by ransomware threat actors.

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Threat actors are using sophisticated phishing pages to bypass multi-factor authentication and gain administrative access to victim networks, leading to an increase in ransomware attacks and extortion attempts.

Edge devices, like firewalls and VPN solutions, are attractive targets for threat actors due to vulnerabilities and delayed patching, allowing them to gain privileged credentials, implant backdoors, or steal data.

Deep dives

Increase in Business Email Compromise

There has been an increase in business email compromise, with threat actors leveraging sophisticated phishing pages to proxy users through the back-end authentication system. This allows them to obtain session tokens and bypass multi-factor authentication. Stolen credentials from business process outsourcing and IT vendors are specifically targeted to gain administrative access to downstream victim networks. This has led to an increase in ransomware attacks and extortion attempts.

Introduction

2min

Increase in Theft of Credentials from Business Process Outsourcers and IT Vendors

11min

Fin 11: Targeting File Transfer Services and Expanding Tactics

7min

Enhancing Security Measures: Moving Beyond User Awareness Training

4min

Rise of Adversary-in-the-Middle Techniques

6min

Threat Trends and Data Theft

7min

Doug Bienstock and Josh Madelay, Regional Leads for Mandiant Consulting, join host Luke McNamara to walk through some of the trends they have witnessed responding to breaches in 2023. Josh and Doug cover what is happening with business email compromise (BEC), common initial infection vectors, social engineering tactics, and more.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

The Defender's Advantage Podcast

Threat Trends: Tales from the 2023 Trenches

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Increase in Business Email Compromise

Exploitation of Edge Infrastructure

Adversary in the Middle Techniques and Sophisticated Phishing

Evolving Social Engineering Tactics

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

The Defender's Advantage Podcast

Threat Trends: Tales from the 2023 Trenches

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Increase in Business Email Compromise

Exploitation of Edge Infrastructure

Adversary in the Middle Techniques and Sophisticated Phishing

Evolving Social Engineering Tactics

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights