Summary: Stolen credential-based attacks have surged, becoming the leading cyber threat in 2023/24, with a staggering 80% of web app attacks originating from this breach vector. Despite increased cybersecurity budgets, vulnerabilities remain due to inadequate MFA adoption and the rise of infostealer malware. This article explores the factors contributing to the rise in account compromises and offers recommendations for security teams to combat these threats.
Threat Actor: Cybercriminals | cybercriminals
Victim: Various organizations | various organizations
Keypoints :
- Stolen credentials were the primary method of attack, affecting major companies like Snowflake, Microsoft, and Disney.
- Infostealer malware has contributed significantly to the increase in credential theft, with compromised credentials easily sold on criminal forums.
- Despite the rise in MFA adoption, gaps remain, with 4 out of 5 accounts lacking MFA, making them vulnerable to attacks.
Source: https://thehackernews.com/2025/01/the-10-cyber-threat-responsible-for.html