From gbhackers.com
Attackers are employing evasion techniques to bypass detection and extend dwell time on compromised systems. This is achieved by targeting unmonitored devices, leveraging legitimate tools, and exploiting zero-day vulnerabilities.
Defenders are detecting intrusions faster (median dwell time fell from 16 to 10 days), though part of that improvement comes from ransomware being identified sooner rather than from better detection of stealthier intrusions. At the same time, attackers are using adversary-in-the-middle and social engineering tactics to bypass multi-factor authentication.
Cloud infrastructure is under attack, and attackers are also abusing cloud resources themselves as part of their operations. Both red and purple teams are exploring AI for better security outcomes; the analysis of these trends is accompanied by mitigation strategies offered to the security community.