As attackers shift towards stealing cookies and tokens instead of passwords, organizations face increased risks, especially for privileged users like sysadmins. These stolen cookies can be used to gain persistent access to sensitive systems before they expire. To mitigate these risks, organizations should consider implementing best practices such as issuing Privileged Access Workstations (PAWs) and enhancing their defenses with additional layers of security, including strong isolation and application security posture attestation.

AI is being increasingly utilized by cybercriminal groups to automate reconnaissance and streamline attacks. This includes using AI for complex tasks like vulnerability discovery, which allows attackers to scale their operations more efficiently. Organizations should focus on enhancing their threat containment and remediation strategies to safeguard their systems against these AI-assisted attacks, ensuring they can respond effectively to emerging threats.

Following a series of high-profile attacks on connected devices, organizations are recognizing the need to secure their IoT and print infrastructure. Many organizations have overlooked the security of printers, which can serve as entry points for attackers. To address this, organizations should implement continuous monitoring and security compliance for all endpoint devices, including printers, to minimize vulnerabilities and protect their overall network integrity.