Threat Horizons: January 2023 Threat Horizons Report

In Q3 2022, analysis of data about Google Cloud customer compromises indicates that threat actors diversified their initial access vectors compared to what we saw earlier in the year. Weak passwords continued to be the most common factor at 41% of observed compromises. However, API key compromise played a role in nearly 20% of cases studied last quarter. In terms of which software was most targeted in Q3, we observed significant diversification. SSH was targeted in 26% of cases, but Jenkins and PostgreSQL were close behind at around 22% and 17%, respectively.

 

Increased diversification efforts by threat actors in targeting and access vectors highlights the constantly evolving threat landscape faced by organizations. In particular, the use of API compromise may suggest increased levels of automation by threat actors. While threat activity historically has dropped toward the end of Q4, the use of automation may allow actors to keep activity steady or even growing in volume into 2023.

Download the report to learn more.

    Company Size


    Country

    What are some cyber security issues you are interested in or looking to solve?



    What additional piece of content would you like to download?


    By downloading this asset, you provide Consent for Mandiant to inform you about its products, services, and events. You may withdraw your consent at any time. See our privacy policy for details.

    All information that you supply is protected by our Privacy Policy.
    In order to provide you with this free service, we may share your business information with companies whose content you choose to view on this website.
    By submitting your information you agree to our Terms of Use.
    Third party cookies may be placed, to serve more relevant ads when you browse the web.
    You can learn more about those ads here.