Mark  Nov 3
vxdb 

Insider threats are going to become a massive issue over the next couple of years.

The Play ransomware gang made a post seeking to buy access to private sector companies. If they can provide good money to the right person at the right time, it will severely impact the integrity of said company.

Scattered Lapsus Hunters have also showed their interest in buying access from current employees of target companies.

Massive corporations are going to have to implement least privilege access control systems asap if they want to stay ahead of threats. I think we are going to see a decrease in social engineering attacks as more employees become aware of it.

I think buying access from current employees is going to be the next big attack vector for future breaches.

tldr; Least Privilege Automation is the next cybersecurity trend

Oct 30 at 12:59amWeb
Show threadSpaceLifeFormOct 30

@vxdb

No lies detected. I am confident this is already an ongoing problem. Especially in cloud.

Show threadRyanOct 30
@vxdb is there a cultural solution to this? Internal bounties or some sort of self-report / matching program?