The bad actors who are perpetrating advanced persistent threat (APT) attacks aren’t just looking to access your network. They want to sneak in and hang around to collect valuable data or lay plans for future attacks.
Post-compromise threats are growing, and they’re aimed largely at aging network infrastructure and edge devices that are long past end-of-life stage and may have critical unpatched vulnerabilities, according to Nick Biasini, head of outreach at Cisco’s Talos security research arm. “We do see these threats across the board. But the older legacy components have more avenues for access, especially if the devices are out of support and they haven’t been updated in three or four years,” Biasini said.
