In this episode of the mnemonic security podcast, we’re joined by Will Thomas, Senior Threat Intelligence Advisor at the CTI company Team Cymru, to discuss the latest trends in initial access.

Will shares what he is currently observing, including the growing exploitation of edge devices, the targeting of SaaS environments using infostealers and stolen credentials, and the rise of ClickFix-style social engineering techniques.

He also explains how these trends differ between threat actors depending on their motivations, and what organisations should prioritise to stay ahead. Will outlines practical steps defenders can take and the key questions security teams should be asking to stay ahead of attackers.

The conversation also covers Will’s main concerns around threat actors’ use of LLMs, and how CTI and threat hunting should ideally be carried out to support security operations.

Want more Will Thomas? Here you can find his Ransomware-Tool-Matrix: https://github.com/BushidoUK/Ransomware-Tool-Matrix/tree/main/Tools

And his own podcast Future of Threat Intelligence (FoTI) Podcast:
https://www.team-cymru.com/future-of-threat-intelligence-podcast

Send us Fan Mail