56 percent of security incidents caused by lack of MFA


Valid account credentials -- with no MFA in place to protect the organization should they be misused -- are still by far and away the biggest stumbling block for organizations investigated by the Rapid7 IR team, occurring in 56 percent of all incidents in the first quarter of 2025.
Exposed RDP services account for six percent of incidents as the initial access vector (IAV) and were abused by attackers more generally in 44 percent of incidents.
In addition, 44 percent of investigated incidents in the first three months of this year have involved ransomware, with the majority involving vulnerability exploits and/or MFA-related compromises. These include a surprising diversity of ransomware groups, such as Black Basta, INC Ransomware, Akira, Qilin, and RansomHub.
BunnyLoader, the Malware as a Service (MaaS) loader, which has a wealth of capabilities including clipboard and credential theft, keylogging, and the ability to deploy additional malware, is one of the most prolific presences Rapid7 has seen in the first quarter. In many cases, it's also daisy-chained to many of the other payloads and tactics which make repeated appearances.
Manufacturing organizations were targeted in more than 24 percent of incidents observed, making it the most attacked sector. Manufacturing is a popular attack vector for nation states because it's an important component of global trade. It's also an area that has many legacy and older operational technologies.
Chris Boyd, lead threat researcher at Rapid7, writes on the company's blog, "In addition, the risk of severe compromise stemming from seemingly harmless online searches underscores the necessity for organizations to reexamine basic security best practices, alongside deploying robust detection and response capabilities. Businesses addressing these key areas for concern will be better equipped to defend against what should not be an inevitable slide into data exfiltration and malware deployment."
You can read more on the Rapid7 blog.