Cyberattackers never took much of a break during COVID-19 lockdowns while the rest of the world was preoccupied. They kept pressing enterprise resources with new zero-day attacks, new ransomware methods, and new ways of probing the weaknesses of enterprise systems.
These threats were among many discussed at this year's Black Hat USA, according to a recently released Dark Reading Tech Insight.
The SolarWinds breach set the tone for industry conversation about enterprise threats throughout 2021 and surfaced new questions on third-party relationships and supply chain security, one of the prevailing themes of this year's show.
Another threat highlighted was the PrintNightmare vulnerability, a critical remote code execution flaw in Windows Print Spooler with huge enterprise risk implications. Discovered by three researchers from Sangfor Technologies in China and explored in depth at Black Hat, PrintNightmare makes privilege escalation trivial for attackers on just about any system running Windows Print Spooler.
Active Directory threats were also in the spotlight. According to security practitioners at Mandiant Consulting who presented at Black Hat Asia earlier this spring, some 90% of attacks their team investigates involve Active Directory in some form. Attackers could utilize it for the initial attack vector, to escalate privileges, to sneakily distribute malware to other systems, or all of the above.
Read more about top enterprise threats in this new report.