5 critical takeaways from FireEye's 2021 threat report.
Exploits beat phishing; hackers love PowerShell; tips on toughening up, and more...
Security firm FireEye has published its global M-Trends threat report every year for 12 years. With over 9,900 customers across 103 countries, including more than 50 percent of the Forbes Global 2000, and a place among the go-to industry firms for incident response, it has something of a unique insight into security trends. The Stack pulled 5 key takeaways about the threat landscape from FireEye Mandiant's 2021 M-Trends report.
1: Exploits outstrip phishing as initial vector
Exploits, or explicit abuse of a software or other vulnerability, have become more common than phishing campaigns as a way to breach target networks.
Where the initial vector of compromise was identified, evidence of exploits was found in 29% of intrusions, whereas phishing accounted for 23% of intrusions. Mandiant experts meanwhile saw adversaries use stolen credentials or brute forcing as the initial attack vector in 19% of their investigations.
n.b. The top 10 most exploited vulnerabilities of the past four years include a software bug first reported in April 2012, a 2020 report by the FBI and CISA revealed, in yet another reminder that poor patching regimes/legacy software continue to help facilitate data breaches and other malicious intrusions. Get patching, if possible.