BLOG

The Defender's Advantage Cyber Snapshot Issue 2 — More Insights From the Frontlines

Shelly Tzoumas
Oct 17, 2022
2 min read
|   Last updated: Jun 28, 2023
Defender's Advantage
Threat Intelligence

When we released our first The Defender’s Advantage Cyber Snapshot during RSA Conference 2022, our goal was simple: to provide insight into cyber defense topics of growing importance based on our observations from the frontlines of the latest cyber attacks.

In the latter half of this year we’ve reported on a number of threats from information operations campaigns to widespread campaigns targeting Microsoft 365, Duo Authentication, and cryptocurrency platforms, and our continued tracking of activity from advanced state-sponsored threat actor groups.

This varied threat landscape demands deeper insight to gain advantage over the adversaries. Our second issue of The Defender’s Advantage Cyber Snapshot report, launching today during mWISE Conference 2022, covers the following topics:

  • How information operations lead to disinformation and misinformation: Attackers have been using inauthentic online assets and deceptive tactics to influence target audiences for years now, and the problem continues to grow in scale, frequency and scope.
  • Threats to cryptocurrencies and NFTs: Criminal and nation-state actors abuse cryptocurrency platforms through not only direct theft of digital assets, but also use of accounts, platforms and protocols to facilitate illicit transactions such as extortion payments, money laundering and sanctions evasion.
  • Insights Into the external enterprise attack surface: Digital growth increases the risk of misconfigurations or applications and services receiving permissions that violate company security policies, so ensuring best practices are followed is key to a strong defense.
  • Step by step through enterprise password resets: Resetting passwords for all accounts in an environment is often a significant undertaking, particularly following an incident response engagement that involves an active attacker; however, a well-planned enterprise password reset can be performed with minimal impact.
  • Attackers don’t follow your rules: Generic penetration testing can be useful, but deeper mission-based exercises guided by threat intelligence are far more effective, and that’s where red teaming comes in handy.

Read the latest issue of The Defender’s Advantage Cyber Snapshot today.