According to a new CrowdStrike report, the technology, professional services, and hospitality sectors were targeted most often by cyber adversaries. The actors used a variety of novel tactics, demonstrating particular creativity and perseverance in defense-evasion and credential-access TTPs such as the use of Windows Internal tool, Active Directory Explorer, for one-time credential dumping.

Notable percentages of intrusion cases by vertical include:

• Technology: 36%
• Professional Services: 17%
• Hospitality: 8%
• Defense and Federal: 7%
• Non-governmental Organizations: 7%