Fortinet’s mid-year IR report reaffirms a key truth: most financially driven breaches don’t rely on malware - they rely on valid logins.
Credential theft, VPN abuse, and remote access tool misuse dominate 2025’s incident landscape.
The takeaway: shift from malware-centric defenses to identity-based monitoring and MFA enforcement.
💬 How do you see this trend shaping SOC priorities for next year?
Follow @technadu for independent, non-sensational cyber intelligence.

#CyberSecurity #Fortinet #IncidentResponse #CredentialAbuse #InfoSec #ThreatIntel #SOC #IdentitySecurity #EDR #MFA #CyberAwareness #DigitalResilience

DeepSec 2025 Talk: Man-In-The-Service: Truly OpSec Safe Relay Techniques – Tobia Righi

Recently, due to EDRs, it has become harder and harder to abuse credential access by dumping LSASS after compromising a Windows server and gaining local administrator on it. So, many red-teamers, pentesters

https://blog.deepsec.net/deepsec-2025-talk-man-in-the-service-truly-opsec-safe-relay-techniques-tobia-righi/

#Conference #CredentialAbuse #DeepSec2025 #ManInTheServiceAttack #RelayBox #Talk

Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs - Researchers with Akamai say that 75 percent of all credential abuse attacks against the financial ... more: https://threatpost.com/akamai-on-credential-stuffing-attacks/153654/?utm_source=rss&utm_medium=rss&utm_campaign=akamai-on-credential-stuffing-attacks #credentialstuffing #financialservices #bankcyberattack #credentialabuse #sqlinjection #websecurity #ddosattack #apiattack #videos #hacks #api