TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Infosecurity Magazine

Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne

2026-03-25 · Read original ↗

ATT&CK techniques detected

5 predictions
T1078Valid Accounts
96%
"technology - the attacker has their own legitimate access to company systems to conduct malicious activity from the inside. state - backed north korean hackers are known to leverage this kind of attack. sentinelone said that it has tracked over 1000 job applications and roughly 3…"
T1556.006Multi-Factor Authentication
88%
"compromised. even when accounts are protected with multi - factor authentication ( mfa ) attackers have ways to bypass or subvert this additional barrier to takeover. mfa bypass kits are readily available to cybercriminals, while some attacks just use brute force, overwhelming ta…"
T1078Valid Accounts
60%
"hackers exploit compromised enterprise identities at industrial scale, warns sentinelone cyber attackers have become so prolific at abusing legitimate enterprise accounts and identity systems to compromise networks that it has become a “ mass - marketed impersonation crisis, ” se…"
T1621Multi-Factor Authentication Request Generation
60%
"compromised. even when accounts are protected with multi - factor authentication ( mfa ) attackers have ways to bypass or subvert this additional barrier to takeover. mfa bypass kits are readily available to cybercriminals, while some attacks just use brute force, overwhelming ta…"
T1556.006Multi-Factor Authentication
39%
"hackers exploit compromised enterprise identities at industrial scale, warns sentinelone cyber attackers have become so prolific at abusing legitimate enterprise accounts and identity systems to compromise networks that it has become a “ mass - marketed impersonation crisis, ” se…"

Summary

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials