From Phishing to Full Compromise in Under an Hour: Automation Is Fueling the Next Wave of Cyber T...
0LevelBlue’s latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they’re accelerating. In this episode of ITSPmagazine’s Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue’s Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.
Phishing as a Service and the Surge in Email Compromises
One of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.
Malware Is Smarter, Simpler—and It’s Spreading Fast
Malware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.
Ransomware: Faster and More Automated Than Ever
The speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.
Why This Report Matters
Rather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.
Be sure to check out the full conversation and grab the first edition of the Threat Trends Report (https://itspm.ag/levelbyqdp) ahead of LevelBlue’s next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.
Learn more about LevelBlue: https://itspm.ag/levelblue266f6c
Note: This story contains promotional content. Learn more (https://www.itspmagazine.com/their-infosec-story) .
Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue’s Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/
Resources
Download the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdp
Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story