Trend #7: User-initiated initial access
Red Canary notes a rise in user-initiated activity cases where victims download a malicious executable after engaging with content they purposely sought out. For example, when adversaries poison search engine results to direct victims to compromise websites. Other examples include malicious emails, attempts to harvest victims credentials and breaches by way of a trusted party. It is critical to respond to this type of activity, says Red Canary, as follow-on threats can include infostealers and ransomware.
Return To Article
