Top initial access techniques from 2019-2022, mapped to ATT&CK

November 4, 2023

Based on initial access data from dozens of cybersecurity industry reports over the past four years, here’s a visualization of the top five initial access techniques, and how they’ve trended over the years:

More on some of the source data and the top initial access techniques from 2022 can be here.

The data

Rankings by year, used to generate the visualization above.

	2019	2020	2021	2022
T1190: Exploit Public-Facing Application	1	1	1	2
T1566: Phishing	2	2	2	1
T1133: External Remote Services	3	4		5
T1078: Valid Accounts	4	3	3	4
T1199: Trusted Relationship	5
T1195: Supply Chain Compromise		5	4
T1189: Drive-by Compromise			5	3

Twitter Facebook LinkedIn

AI query capture and OpenAI search Permalink

November 18, 2024

I’ve been exploring how AI engines will impact traditional content discovery models. A key hypothesis is that content creators will reduce time-to-citation by:

MarTech and AdTech are the true global surveillance superpowers Permalink

October 23, 2024

Great reporting by Brian Krebs:

NotebookLM-generated discussion based on my recent post (SEO, GEO, and the future of content discovery)

October 21, 2024

I uploaded The End of Advertising along with my commentary into NotebookLM and asked it to generate a brief discussion between two hosts. The results are impressive, in particular the aspects of the topic that aren’t covered by either the original text or my own.

SEO, GEO, and the future of content discovery Permalink

October 1, 2024

The End of Advertising by Michael Mignano was thought-provoking, but not for the reasons I expected.

by Keith McCammon