"Attackers Are Logging in Instead of Breaking In"

According to Sophos, cyberattackers used more than 500 unique tools and tactics in 2022. The analysis of data from over 150 Sophos Incident Response (IR) cases revealed over 500 unique tools and techniques, including 118 Living off the Land binaries (LOLBins). LOLBins, unlike malware, are executables that are naturally present on operating systems, making it much more difficult for defenders to prevent their malicious use. In addition, Sophos discovered that unpatched vulnerabilities were the most common cause of initial system access by attackers. Attackers exploited ProxyShell and Log4Shell vulnerabilities in half of the included investigations to infiltrate organizations. The second most common cause of attacks was compromised credentials. This article continues to discuss key findings from Sophos' report on the changing behaviors and attack techniques that adversaries used in 2022.

Help Net Security reports "Attackers Are Logging in Instead of Breaking In"