2024 has seen a sharp rise in identity-based cyber attacks, including high-profile breaches like Snowflake and sophisticated techniques such as MFA bypass and credential stuffing. Annual cybersecurity reports from major vendors highlight increasing attack volumes, evolved tactics, and the shift of perceived perimeters to identity systems.
Key points
- Major cybersecurity reports typically include sections on threat landscape overview, statistics, trending attack techniques, notable incident case studies, threat actor profiles, and future outlooks, providing a comprehensive assessment of the current security environment.
- Statistics from 2024 reveal over 600 million daily identity attacks (Microsoft), with credential breaches accounting for 79% of web app compromises (Verizon) and infostealer activity increasing by 266% (IBM).
- Notable trends include the rise of cloud-conscious malware, an increase in session token attacks (39,000 per day), and a surge in MFA-bypassing techniques such as Phishing 2.0, infostealers, and session hijacking methods.
- Key findings emphasize that attacker focus is on vulnerable identities, exploiting weak or reused credentials, MFA misconfigurations, and unmanaged devices, resulting in large-scale breaches impacting hundreds of organizations globally.
- High-profile breaches involving Snowflake, Change Healthcare, and Microsoft demonstrate how credentials stolen via infostealers and unprotected remote access can lead to significant data exfiltration, revenue loss, and reputation damage.
- Repeated themes include the evolution of attack methods—using obfuscation, AI-driven phishing, and malicious OAuth abuse—highlighting the need for organizations to re-evaluate identity security strategies and adopt more resilient controls.
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)