Key insights include: 

  • Decade-old, state-funded espionage campaigns are still actively collecting from unwittingly compromised organizations
  • Organized cybercrime is reaching new heights of social organization and role differentiation to bypass initial access controls
  • Cloud phishing campaigns abuse inter-cloud infrastructure trust
  • Credentials obtained from phishing are a stealthy initial access vector that require sophisticated analysis to detect