Hackers are increasingly exploiting stolen identities through password attacks, infostealers, and social engineering to breach organizations and deploy ransomware. Microsoft’s report highlights the rise in identity-based threats, targeted industries, and evolving tactics such as AV exclusion exploitation. #LummaStealer #ScatteredSpider
Keypoints
- Over 97% of identity attacks are password-based, with a 32% surge in 2025.
- Cybercriminals use infostealer malware and social engineering schemes like help desk scams to obtain credentials.
- Microsoft tracks multiple ransomware strains used by threat actors, indicating coordinated criminal operations.
- Exploitation of antivirus exclusions is a new tactic used to bypass defenses during remote intrusions.
- The most targeted sectors include IT companies and government bodies at various levels.
Read More: https://therecord.media/microsoft-warns-of-surge-identity-hacks-passwords