The era of the “break-in” is over. Attackers are now leveraging valid credentials and session tokens to bypass traditional perimeters. The latest telemetry from Guardz highlights a shift toward quiet, identity-driven campaigns.

  • 89%: SMBs with confirmed credential compromise
  • 2,000%: Spike in Google Workspace OAuth abuse
  • 25:1: Non-human to human identity ratio

The Evolution of Stealth: BEC 3.0

Attackers are moving away from loud malware and toward “living-off-the-land” techniques. After monitoring legitimate email threads for weeks, adversaries use AI-generated voice and context-aware messaging to get fraudulent transactions authorized without ever triggering a security flag.

 

RMM: The New Command & Control

RMM tool abuse now accounts for 26.2% of all endpoint threats. By exploiting legitimate tools like ScreenConnect and NinjaRMM, attackers create encrypted channels that are indistinguishable from authorized MSP traffic.

 

Immediate Operational Priorities

  • Phishing-Resistant MFA: Standardize on FIDO2/Passkeys to prevent session hijacking.
  • OAuth Governance: Audit application grants and enforce admin-level approval requirements.
  • Behavioral Monitoring: Monitor inbox rules and non-human identity patterns in real time.
  • Kill Legacy Auth: Disable outdated protocols via Conditional Access to prevent MFA bypass.

Download the full 2026 State of MSP Threat Report

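About Guardz

Guardz provides managed service providers (MSPs) and IT professionals with an AI-powered cybersecurity platform designed specifically to protect small businesses from cyberattacks. Our unified detection and response platform provides comprehensive protection for users, email, devices, cloud directories and data. By simplifying cybersecurity management, we let businesses focus on growing while reducing the complexity of security management. Guardz combines powerful cybersecurity technology with extensive expertise to ensure that security measures are continuously monitored, managed and improved, preventing future attacks and reducing risk.

About Version 2

Version 2 Digital is an Asia-based value-added distributor and IT developer. The company distributes and develops a wide range of IT products across areas including cybersecurity, cloud, data protection, endpoints, infrastructure, system monitoring, storage, network management, business productivity and communications products.
Through its extensive network, channels, points of sale, resellers and partners, Version 2 offers products and services that are well regarded in the market. Its sales network covers Taiwan, Hong Kong, Macau, mainland China, Singapore, Malaysia and other parts of the Asia-Pacific region, with customers from all industries, including Global 1000 multinationals, listed companies, utilities, healthcare, financial and educational institutions, government departments, numerous successful SMEs, and consumers in cities across Asia.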