The latest Cost of a Data Breach Report by IBM’s X-Force revealed that credential-based attacks remain the top method cybercriminals use to breach cloud environments, according to SecurityWeek.
Despite enterprises' increased use of multi-factor authentication, phishing techniques like adversary-in-the-middle attacks allow attackers to bypass this security feature and steal credentials. Infostealers such as Lumma and RisePro have surged in activity this year, while business email compromise attacks represent 39% of incidents it has responded two in the last two years. Cybercriminals also exploit trusted cloud services like Dropbox and OneDrive for command-and-control purposes. To counter these threats, the report emphasizes embracing modern authentication methods such as AI, noting that while AI-generated attacks remain a growing concern, defensive strategies using AI are essential for combating emerging threats. The report also recommends organizations bolster incident response, protect data across all states, and adopt passwordless solutions like QR codes and FIDO2 authentication for enhanced security.
