From Phishing to Full Compromise in Under an Hour: Automation Is Fueling the Next Wave of Cyber Threats | A LevelBlue Brand Story with Kenneth Ng

ITSPmagazine Podcasts

Content provided by ITSPmagazine, Sean Martin, and Marco Ciappelli. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ITSPmagazine, Sean Martin, and Marco Ciappelli or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

22d ago 36:02

MP3•Episode home

LevelBlue’s latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they’re accelerating. In this episode of ITSPmagazine’s Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue’s Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.

Phishing as a Service and the Surge in Email Compromises

One of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.

Malware Is Smarter, Simpler—and It’s Spreading Fast

Malware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.

Ransomware: Faster and More Automated Than Ever

The speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.

Why This Report Matters

Rather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.

Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue’s next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.

Learn more about LevelBlue: https://itspm.ag/levelblue266f6c

Note: This story contains promotional content. Learn more.

Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue’s Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/

Resources

Download the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdp

Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue

Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs

Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/

Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

621 episodes