Quarterly Threat Report: Q1 2018
By Rapid7
From the report, “This quarter’s report covers three main areas of concern for the modern IT defender: • First, credential theft, reuse, and subsequent suspicious logins are—today— the most commonly reported significant incident we’re seeing across both small (<1,000 endpoints) and large organizations (≥1,000 endpoints). • Second, the DDoS landscape just got a lot more interesting with the debut of a new technique using misconfigured—and plentiful—memcached servers. • Finally, we take a look at the increasing levels of SMB and Cisco SMI attacker probes and attacks, where the former continues to define the “new normal” level of background malicious behavior around Windows networking, and the latter begins to bring shape to this relatively new attack vector targeting core router infrastructure.” Read on to find out more.