A recent report by Picus Security reveals a dramatic increase in credential-stealing malware in 2024, with 25% targeting password stores—three times more than in 2023. Notably, this technique has made it into the top 10 of the MITRE ATT&CK Framework for the first time, representing a significant shift in malware strategy. The report also highlights an increase in the complexity of malware, with an average of 14 actions per sample, emphasizing automation and stealth. Importantly, AI-driven tactics did not see a significant increase in 2024.
In 2024, 25% of malware targets password stores for stealing credentials, three times more than in 2023 and appearing in the top 10 MITRE ATT&CK techniques.
Malicious actors are now prioritizing multi-stage attacks, utilizing sophisticated malware that emphasizes automation and stealth, with up to 14 actions per sample.
Collection
[
|
...
]