Latest news with #KasperskyManagedDetectionandResponse
Web Release
18-03-2025
- Business
- Web Release
Valid accounts showed significant increase as initial attack vector in 2024
By Editor_wr On Mar 18, 2025 Valid accounts are increasingly being leveraged as an initial attack vector in 2024, representing 31.4% of cases. Public-facing applications still hold the top position with 39.2% of cases. These findings were reported in the recent Kaspersky Incident Response analyst report. The Kaspersky Incident Response analyst report provides insights into cyberattacks investigated by Kaspersky team in 2024, using data from organizations seeking help with incident response and highlights trends in security threats across various sectors and regions. The report aids organizations in enhancing their security measures and developing effective incident response strategies. According to the report, in a concerning trend that has persisted for years, public-facing applications have once again emerged as the primary vector for cyber attacks, accounting for 39.2% of cases in 2024. Valid accounts have solidified their position as the second most common attack vector, representing 31.4% of incidents and showing a significant increase compared to 2023. This surge indicates a growing number of companies being targeted by initial access brokers (IABs), who capitalize on compromised credentials sold on the darknet to facilitate further attacks. This trend is particularly alarming in the context of Ransomware-as-a-Service (RaaS), where IABs play a crucial role in streamlining cybercriminal operations. The data also revealed that victims in these cases were often compromised beforehand, leading to leaked credentials without immediate detection. Trusted relationships have seen an uptick from the previous year, now accounting for 12.8% of attack vectors, while phishing remains a significant threat, utilized in nearly one out of every ten cases (9.8%). 'Cyber threats continue to evolve relentlessly, with attackers adapting their methods to exploit the most vulnerable points in companies' defenses. This highlights the critical need for organizations to not only strengthen their immediate security measures but also to cultivate a proactive and adaptive incident response culture that can stay ahead of these emerging risks,' comments Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky. To protect businesses from possible threats, Kaspersky experts recommend: Implementing robust password policy and multifactor authentication processes. Removing management ports from public access. Establishing a zero-tolerance policy for patch management or compensation measures for public-facing applications. Ensuring that employees maintain a high level of security. Use services like Kaspersky Incident Response or Kaspersky Managed Detection and Response to identify and stop the attack on early stages, before cybercriminals can reach their final goals. The full Incident Response analyst report 2024 is available via this link. Valid accounts showed significant increase as initial attack vector in 2024 Comments are closed.
Express Tribune
13-03-2025
- Express Tribune
25% companies come under human-driven cyberattacks
Listen to article Advanced persistent threats (APTs), classified as human-driven cyberattacks, have been detected in 25% of companies, accounting for over 43% of all high-severity incidents, which marks a staggering 74% increase compared to 2023 and a 43% rise from 2022, according to the latest Kaspersky Managed Detection and Response (MDR) analyst report. The annual MDR analyst report provides insights based on the analysis of MDR incidents identified by a team of Kaspersky's security operations centre. The report sheds light on the most prevalent attacker tactics, techniques and tools as well as the characteristics of detected incidents and their distribution across regions and industry sectors. Despite advancements in automated detection technologies, determined attackers continue to exploit vulnerabilities and circumvent these systems. Notably, APTs were identified across every sector except telecommunications, with the IT and government sectors bearing the brunt. Moreover, incidents characterised as human-driven attacks confirmed by customers as cyber exercises comprised more than 17% of total incidents. Additionally, severe violations of security policies comprised approximately 12% of high-severity events, with malware-related incidents accounting for over 12%, predominantly affecting the financial, industrial and IT sectors. "In 2024, we observed a significant escalation in advanced persistent threats and this alarming trend emphasises that even with advancements in automated detection, determined human-driven attacks continue to exploit vulnerabilities across various sectors. Organisations must enhance their preparedness and invest in comprehensive cybersecurity strategies to counteract these sophisticated threats," stated Sergey Soldatov, Head of Security Operations Centre at Kaspersky. If companies lack cybersecurity personnel or expertise, they can apply for Managed Detection and Response and Incident Response to investigate incidents and receive expert support. These services encompass the entire incident management cycle, from threat identification to continuous protection and remediation.
Zawya
10-03-2025
- Business
- Zawya
Advanced persistent threats target one in four companies in 2024, according to Kaspersky
According to the lst Kaspersky Managed Detection and Response (MDR) analyst report, advanced persistent threats (APTs) have been detected in 25% of companies, accounting for over 43% of all high-severity incidents. This marks a staggering 74% increase compared to 2023. The annual Managed Detection and Response (MDR) analyst report provides insights based on the analysis of MDR incidents identified by Kaspersky's Security Operations Center team. The report sheds light on the most prevalent attacker tactics, techniques and tools, as well as the characteristics of detected incidents and their distribution across regions and industry sectors among MDR customers. According to recent findings, Advanced Persistent Threats (APTs), classified as human-driven attacks, significantly affected one in four companies, representing a staggering 43% of all high-severity incidents detected in 2024. Compared to previous years, this marks a striking 74% increase from 2023 and a 43% rise from 2022. Despite advancements in automated detection technologies, determined attackers continue to exploit vulnerabilities and circumvent these systems. Notably, APTs were identified across every sector except telecommunications, with the IT and government sectors bearing the brunt. Moreover, incidents characterized as human-driven attacks confirmed by customers as cyber exercises comprised more than 17% of total incidents. Additionally, severe violations of security policies comprised approximately 12% of high-severity events, with malware-related incidents also accounting for over 12%, predominantly affecting the financial, industrial and IT sectors. "In 2024, we observed a significant escalation in Advanced Persistent Threats and this alarming trend emphasizes that even with advancements in automated detection, determined human-driven attacks continue to exploit vulnerabilities across various sectors. Organizations must enhance their preparedness and invest in comprehensive cybersecurity strategies to counteract these sophisticated threats," states Sergey Soldatov, Head of Security Operations Center at Kaspersky. If companies lack cybersecurity personnel or expertise, they can apply Kaspersky Managed Detection and Response and Kaspersky Incident Response to investigate incidents and receive expert support. These services encompass the entire incident management cycle, from threat identification to continuous protection and remediation, allowing organizations to safeguard themselves even against evasive cyber threats. The full Kaspersky Managed Detection and Response analyst report for 2024 is available via this link. About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at
