Global
Africa
South Africa
Albania
Australia
Austria
Belgium
Bosnia Herzegovina
Bulgaria
Canada
Canada FR
Croatia
Czech Republic
Denmark
Estonia
Finland 
Finland (English)
France
Germany
Hong Kong
Hungary
Iceland
India
Indonesia
Ireland
Israel
Italy
Kosovo
Latvia
Lithuania
Malaysia
Middle East
Montenegro
Netherlands
New Zealand
North Macedonia
Norway
Philippines
Poland
Portugal
Romania
Saudi Arabia
Serbia
Singapore
Slovakia
Slovenija
Spain
Switzerland DE
Switzerland FR
Thailand
Turkey
USA
Ukraine
United Kingdom
Vietnam
Netskope – Cloud and Threat Report
Posted on: 14/11/2023
Share:
Top Adversary Tactics and Techniques
Report Highlights
- Spearphishing links and attachments are the top initial access techniques tracked by Netskope Threat Labs this year, with adversaries successfully tricking victims into opening the links and attachments via email, voice, text, social media, and search engines.
- User execution is the top execution technique, with adversaries having the highest rate of success in tricking their victims into downloading Trojans when they host them using popular cloud apps.
- For command and control and data exfiltration, adversaries are heavily favoring the use of HTTP and HTTPS to fly under the radar and blend in with benign traffic.
- The majority of adversary activity on the Netskope Security Cloud platform comes from criminal adversaries, with the most activity attributable to Wizard Spider, a Russian group responsible for creating the TrickBot malware.
- The financial services and healthcare industry verticals have the highest percentage of activity attributable to geopolitical adversary groups on the Netskope Security Cloud platform.
