“This approach, popularized by actors such as Cl0p through large-scale exploitation of third-party and supply chain vulnerabilities, is now being mirrored more widely, alongside increased abuse of valid accounts, legitimate administrative tools to blend into normal activity, and in some cases attempts to recruit or incentivize insiders to facilitate access,” Mourtzinos says.
The evolving tradecraft of ransomware groups should prompt a rethink of defensive strategies.
“For CISOs, the priority should be strengthening identity controls, closely monitoring trusted applications and third-party integrations, and ensuring detection strategies focus on persistence and data exfiltration activity,” Mourtzinos advises.
