The CrowdStrike 2023 Threat Hunting Report highlights a 40% rise in interactive intrusions, with technology and financial sectors most targeted. Identity-based attacks dominated, with 62% of intrusions abusing valid accounts and Kerberoasting incidents surging 583%. Adversaries also increasingly exploited cloud platforms, with a 95% rise in cloud exploitation and widespread abuse of misconfigurations and tools like Azure Run Commands. eCrime actors expanded data theft and extortion tactics, while access brokers drove a 147% spike in underground credentials. Cross-platform attacks advanced, with DPRK-linked LABYRINTH CHOLLIMA exploiting the 3CX supply chain to impact Windows and macOS environments.

Join for free to read