RedSense has issued a new paper that starts with a reminder:
Holidays Routine 2022/23: Not Novel
Naughty or nice, there’s a few things in cyber circuits that won’t change in this year’s Holiday Season.
1. Threat actors are financially motivated, driven by human needs, and the holidays are expensive
2. Threat actors stereotypically choose simple solutions available for their problem space(s)
3. Unmanaged digital disarray carries potential for breach consequencesThreat actors are also creatures of habit, often leveraging shared TTPs and re-used services and infrastructure, which gives defenders a significant potential advantage. Take for instance the ‘not novel’ tactics recently employed by recent ransomware campaign for Daixin, Hive, and Cuba……
Download the newest fact sheet from RedSense and their recommendations for prioritizing.